説明
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code.
Below is a complete list of vulnerabilities:
- Implementation vulnerability in File System API can be exploited to cause denial of service.
- Implementation vulnerability in Fullscreen API can be exploited to cause denial of service.
- Implementation vulnerability in Permission prompts can be exploited to cause denial of service.
- Implementation vulnerability in iframe Sandbox can be exploited to cause denial of service.
- Validation of untrusted input vulnerability in Downloads can be exploited to cause denial of service.
- Policy enforcement vulnerability in CORS can be exploited to cause denial of service.
- An elevation of privilege vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to gain privileges.
- Use after free vulnerability in Cart can be exploited to cause denial of service or execute arbitrary code.
- Heap buffer overflow vulnerability in Network Service can be exploited to cause denial of service.
- A remote code execution vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to execute arbitrary code.
- Heap buffer overflow vulnerability in libphonenumber can be exploited to cause denial of service.
オリジナルアドバイザリー
- CVE-2023-0130
- CVE-2023-0132
- CVE-2023-0131
- CVE-2023-0139
- CVE-2023-0133
- CVE-2023-0141
- CVE-2023-21796
- CVE-2023-0136
- CVE-2023-0134
- CVE-2023-0129
- CVE-2023-0135
- CVE-2023-21775
- CVE-2023-0138
関連製品
CVEリスト
- CVE-2023-0129 critical
- CVE-2023-0132 high
- CVE-2023-0136 critical
- CVE-2023-0133 high
- CVE-2023-0140 high
- CVE-2023-0131 high
- CVE-2023-0138 critical
- CVE-2023-0135 critical
- CVE-2023-0134 critical
- CVE-2023-0130 high
- CVE-2023-0141 warning
- CVE-2023-0139 high
- CVE-2023-21796 critical
- CVE-2023-21775 critical
KBリスト
も参照してください
お住まいの地域に広がる脆弱性の統計をご覧ください statistics.securelist.com
この脆弱性についての記述に不正確な点がありますか? お知らせください!