Multiple vulnerabilities in Microsoft Browser

説明

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service.

Below is a complete list of vulnerabilities:

1. Use after free vulnerability in web packaging can be exploited to cause denial of service or execute arbitrary code.
2. Heap buffer overflow vulnerability in Task Manager can be exploited to execute arbitrary code or cause denial of service.
3. Use after free vulnerability in safe browsing can be exploited to cause denial of service or execute arbitrary code.
4. Implementation vulnerability in Storage can be exploited to cause denial of service.
5. Race condition vulnerability in GPU Watchdog can be exploited to cause denial of service.
6. Heap buffer overflow vulnerability in PDFium can be exploited to execute arbitrary code or cause denial of service.
7. Use after free vulnerability in Omnibox can be exploited to cause denial of service or execute arbitrary code.
8. Use after free vulnerability in Bookmarks can be exploited to cause denial of service or execute arbitrary code.
9. Use after free vulnerability in Vulkan can be exploited to cause denial of service or execute arbitrary code.
10. Implementation vulnerability in Autofill can be exploited to cause denial of service.
11. Implementation vulnerability in Service Worker API can be exploited to cause denial of service.
12. Use after free vulnerability in Optimization Guide can be exploited to cause denial of service or execute arbitrary code.
13. Use after free vulnerability in Data Transfer can be exploited to cause denial of service or execute arbitrary code.
14. Use after free vulnerability in site isolation can be exploited to cause denial of service or execute arbitrary code.
15. Use after free vulnerability in Scheduling can be exploited to cause denial of service or execute arbitrary code.
16. Use after free vulnerability in Printing can be exploited to cause denial of service or execute arbitrary code.
17. Implementation vulnerability in Fenced Frames can be exploited to cause denial of service.
18. Implementation vulnerability in push messaging can be exploited to cause denial of service.
19. Heap buffer overflow vulnerability in DevTools can be exploited to execute arbitrary code or cause denial of service.
20. Use after free vulnerability in Text Input Method Editor can be exploited to cause denial of service or execute arbitrary code.

オリジナルアドバイザリー

• CVE-2022-0293

• CVE-2022-0311
• CVE-2022-0289
• CVE-2022-0310
• CVE-2022-0291
• CVE-2022-0303
• CVE-2022-0306
• CVE-2022-0302
• CVE-2022-0304
• CVE-2022-0297
• CVE-2022-0309
• CVE-2022-0305
• CVE-2022-0307
• CVE-2022-0295
• CVE-2022-0308
• CVE-2022-0290
• CVE-2022-0298
• CVE-2022-0296
• CVE-2022-0292
• CVE-2022-0294
• CVE-2022-0301
• CVE-2022-0300

エクスプロイテーション

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

関連製品

• Microsoft-Edge

CVEリスト

• CVE-2022-0305
  high
• CVE-2022-0306
  critical
• CVE-2022-0293
  critical
• CVE-2022-0298
  critical
• CVE-2022-0290
  critical
• CVE-2022-0296
  critical
• CVE-2022-0307
  critical
• CVE-2022-0304
  critical
• CVE-2022-0302
  critical
• CVE-2022-0310
  critical
• CVE-2022-0308
  critical
• CVE-2022-0294
  high
• CVE-2022-0303
  warning
• CVE-2022-0301
  critical
• CVE-2022-0289
  critical
• CVE-2022-0311
  critical
• CVE-2022-0295
  critical
• CVE-2022-0292
  high
• CVE-2022-0300
  critical
• CVE-2022-0291
  high
• CVE-2022-0297
  critical
• CVE-2022-0309
  high

KBリスト

も参照してください

お住まいの地域に広がる脆弱性の統計をご覧ください statistics.securelist.com