Descripción
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, spoof user interface, bypass security restrictions.
Below is a complete list of vulnerabilities:
- Use after free vulnerability in Parcel Tracking can be exploited to cause denial of service or execute arbitrary code.
- Use after free vulnerability in Web Authentication can be exploited to cause denial of service or execute arbitrary code.
- Insufficient data validation vulnerability in Downloads can be exploited to bypass security restrictions.
- A spoofing vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to spoof user interface.
- Use after free vulnerability in Dawn can be exploited to cause denial of service or execute arbitrary code.
- Use after free vulnerability in DevTools can be exploited to cause denial of service or execute arbitrary code.
- A remote code execution vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to execute arbitrary code.
- Inappropriate implementation vulnerability in Web Authentication can be exploited to cause denial of service.
- Inappropriate implementation vulnerability in PictureInPicture can be exploited to cause denial of service.
- Inappropriate implementation vulnerability in Navigations can be exploited to cause denial of service.
- Inappropriate implementation vulnerability in Payments can be exploited to cause denial of service.
- Use after free vulnerability in AI can be exploited to cause denial of service or execute arbitrary code.
- Insufficient data validation vulnerability in DevTools can be exploited to bypass security restrictions.
- Inappropriate implementation vulnerability in Permissions can be exploited to cause denial of service.
- Use after free vulnerability in UI can be exploited to cause denial of service or execute arbitrary code.
Notas informativas originales
- CVE-2024-9955
- CVE-2024-9963
- CVE-2024-43577
- CVE-2024-43580
- CVE-2024-9960
- CVE-2024-9959
- CVE-2024-43578
- CVE-2024-43587
- CVE-2024-9956
- CVE-2024-9958
- CVE-2024-43596
- CVE-2024-9966
- CVE-2024-9964
- CVE-2024-9954
- CVE-2024-9965
- CVE-2024-43566
- CVE-2024-49023
- CVE-2024-43579
- CVE-2024-9962
- CVE-2024-43595
- CVE-2024-9957
Explotación
Public exploits exist for this vulnerability.
Productos relacionados
Lista CVE
- CVE-2024-9956 critical
- CVE-2024-9959 critical
- CVE-2024-9954 critical
- CVE-2024-9955 critical
- CVE-2024-9958 warning
- CVE-2024-9962 warning
- CVE-2024-9966 high
- CVE-2024-9965 critical
- CVE-2024-9957 critical
- CVE-2024-9964 warning
- CVE-2024-9961 critical
- CVE-2024-9963 warning
- CVE-2024-9960 critical
- CVE-2024-43577 warning
- CVE-2024-43580 high
- CVE-2024-43578 critical
- CVE-2024-43587 critical
- CVE-2024-43596 critical
- CVE-2024-43566 critical
- CVE-2024-49023 high
- CVE-2024-43579 critical
- CVE-2024-43595 critical
Lista KB
Leer más
Conozca las estadísticas de las vulnerabilidades que se propagan en su región statistics.securelist.com
¿Has encontrado algún error en la descripción de esta vulnerabilidad? ¡Háznoslo saber!