説明
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, spoof user interface.
Below is a complete list of vulnerabilities:
- Use after free vulnerability in Import can be exploited to cause denial of service or execute arbitrary code.
- A spoofing vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to spoof user interface.
- Validation of untrusted input vulnerability in Intents can be exploited to cause denial of service.
- Validation of untrusted input vulnerability in Safe Browsing can be exploited to cause denial of service.
- Use after free vulnerability in Media can be exploited to cause denial of service or execute arbitrary code.
- Security UI vulnerability in Full Screen can be exploited to spoof user interface.
- Use after free vulnerability in CSS can be exploited to cause denial of service or execute arbitrary code.
- Type confusion vulnerability in Blink can be exploited to cause denial of service.
- Policy enforcement vulnerability in Developer Tools can be exploited to cause denial of service.
- Policy enforcement vulnerability in Custom Tabs can be exploited to cause denial of service.
オリジナルアドバイザリー
- CVE-2022-41035
- CVE-2022-3317
- CVE-2022-3316
- CVE-2022-3307
- CVE-2022-3313
- CVE-2022-3304
- CVE-2022-3315
- CVE-2022-3308
- CVE-2022-3310
エクスプロイテーション
Public exploits exist for this vulnerability.
関連製品
CVEリスト
- CVE-2022-3311 high
- CVE-2022-3307 critical
- CVE-2022-3308 high
- CVE-2022-3317 warning
- CVE-2022-3310 high
- CVE-2022-3304 critical
- CVE-2022-3315 critical
- CVE-2022-3316 warning
- CVE-2022-3313 high
- CVE-2022-41035 high
KBリスト
も参照してください
お住まいの地域に広がる脆弱性の統計をご覧ください statistics.securelist.com
この脆弱性についての記述に不正確な点がありますか? お知らせください!