Multiple vulnerabilities in Microsoft Browser

Описание

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, spoof user interface.

Below is a complete list of vulnerabilities:

1. A use after free vulnerability in Tab Strip can be exploited to cause denial of service or execute arbitrary code.
2. A use after free vulnerability in Perfomance Manager can be exploited to cause denial of service or execute arbitrary code.
3. An implementation vulnerability in Background Fetch API can be exploited to cause denial of service.
4. An implementation vulnerability in Google Updater can be exploited to cause denial of service.
5. A side-channel information leakage vulnerability in DevTools can be exploited to obtain sensitive information.
6. An implementation vulnerability in Navigation can be exploited to cause denial of service.
7. A use after free vulnerability in File System API can be exploited to cause denial of service or execute arbitrary code.
8. A use after free vulnerability in Task Manager can be exploited to cause denial of service or execute arbitrary code.
9. A use after free vulnerability in Offline usecan be exploited to cause denial of service or execute arbitrary code.
10. Use after free vulnerability in Portals can be exploited to cause denial of service or execute arbitrary code.
11. A out of bounds read vulnerability in libjpeg-turbo can be exploited to cause denial of service or obtain sensitive information.
12. An implementation vulnerability in Compositing can be exploited to cause denial of service.
13. A security UI vulnerability in Web Browser UI can be exploited to spoof user interface.
14. An implementation vulnerability in Blink graphics can be exploited to cause denial of service.
15. A use after free vulnerability in WebGPU can be exploited to cause denial of service or execute arbitrary code.
16. An implementation vulnerability in ChromeOS Networking can be exploited to cause denial of service.

Первичный источник обнаружения

• CVE-2021-37961
  CVE-2021-37962
  CVE-2021-37968
  CVE-2021-37969
  CVE-2021-37963
  CVE-2021-37967
  CVE-2021-37958
  CVE-2021-37965
  CVE-2021-37970
  CVE-2021-37959
  CVE-2021-37956
  CVE-2021-37973
  CVE-2021-37972
  CVE-2021-37966
  CVE-2021-37971
  CVE-2021-37960
  CVE-2021-37957
  CVE-2021-37964
  

Связанные продукты

• Microsoft-Edge

Список CVE

• CVE-2021-37959
  high
• CVE-2021-37972
  high
• CVE-2021-37965
  warning
• CVE-2021-37971
  warning
• CVE-2021-37966
  warning
• CVE-2021-37963
  warning
• CVE-2021-37958
  high
• CVE-2021-37962
  high
• CVE-2021-37964
  warning
• CVE-2021-37969
  high
• CVE-2021-37970
  high
• CVE-2021-37967
  warning
• CVE-2021-37956
  high
• CVE-2021-37961
  high
• CVE-2021-37968
  warning
• CVE-2021-37957
  high
• CVE-2021-37960
  warning
• CVE-2021-37973
  high

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com