Description
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, spoof user interface, bypass security restrictions.
Below is a complete list of vulnerabilities:
- Use after free vulnerability in Parcel Tracking can be exploited to cause denial of service or execute arbitrary code.
- Use after free vulnerability in Web Authentication can be exploited to cause denial of service or execute arbitrary code.
- Insufficient data validation vulnerability in Downloads can be exploited to bypass security restrictions.
- A spoofing vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to spoof user interface.
- Use after free vulnerability in Dawn can be exploited to cause denial of service or execute arbitrary code.
- Use after free vulnerability in DevTools can be exploited to cause denial of service or execute arbitrary code.
- A remote code execution vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to execute arbitrary code.
- Inappropriate implementation vulnerability in Web Authentication can be exploited to cause denial of service.
- Inappropriate implementation vulnerability in PictureInPicture can be exploited to cause denial of service.
- Inappropriate implementation vulnerability in Navigations can be exploited to cause denial of service.
- Inappropriate implementation vulnerability in Payments can be exploited to cause denial of service.
- Use after free vulnerability in AI can be exploited to cause denial of service or execute arbitrary code.
- Insufficient data validation vulnerability in DevTools can be exploited to bypass security restrictions.
- Inappropriate implementation vulnerability in Permissions can be exploited to cause denial of service.
- Use after free vulnerability in UI can be exploited to cause denial of service or execute arbitrary code.
Fiches de renseignement originales
- CVE-2024-9955
- CVE-2024-9963
- CVE-2024-43577
- CVE-2024-43580
- CVE-2024-9960
- CVE-2024-9959
- CVE-2024-43578
- CVE-2024-43587
- CVE-2024-9956
- CVE-2024-9958
- CVE-2024-43596
- CVE-2024-9966
- CVE-2024-9964
- CVE-2024-9954
- CVE-2024-9965
- CVE-2024-43566
- CVE-2024-49023
- CVE-2024-43579
- CVE-2024-9962
- CVE-2024-43595
- CVE-2024-9957
Exploitation
Public exploits exist for this vulnerability.
Produits associés
Liste CVE
- CVE-2024-9956 critical
- CVE-2024-9959 critical
- CVE-2024-9954 critical
- CVE-2024-9955 critical
- CVE-2024-9958 warning
- CVE-2024-9962 warning
- CVE-2024-9966 high
- CVE-2024-9965 critical
- CVE-2024-9957 critical
- CVE-2024-9964 warning
- CVE-2024-9961 critical
- CVE-2024-9963 warning
- CVE-2024-9960 critical
- CVE-2024-43577 warning
- CVE-2024-43580 high
- CVE-2024-43578 critical
- CVE-2024-43587 critical
- CVE-2024-43596 critical
- CVE-2024-43566 critical
- CVE-2024-49023 high
- CVE-2024-43579 critical
- CVE-2024-43595 critical
Liste KB
En savoir plus
Découvrez les statistiques de la propagation des vulnérabilités dans votre région statistics.securelist.com
Vous avez trouvé une inexactitude dans la description de cette vulnérabilité ? Faites-le nous savoir !