Описание
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, gain privileges.
Below is a complete list of vulnerabilities:
- Use after free vulnerability in Base can be exploited to cause denial of service or execute arbitrary code.
- Inappropriate implementation vulnerability in Extensions API can be exploited to cause denial of service.
- An elevation of privilege vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to gain privileges.
- Type confusion vulnerability in V8 can be exploited to cause denial of service.
- Use after free vulnerability in WebApp Provider can be exploited to cause denial of service or execute arbitrary code.
- Use after free vulnerability in Interest groups can be exploited to cause denial of service or execute arbitrary code.
- Insufficient data validation in URL formatting can be exploited to cause denial of service.
- Insufficient policy enforcement in DevTools can be exploited to cause denial of service.
- Insufficient policy enforcement in File System API can be exploited to cause denial of service
- Use after free vulnerability in Cast UI and Toolbar can be exploited to cause denial of service or execute arbitrary code.
Первичный источник обнаружения
- CVE-2022-2156
CVE-2022-2164
CVE-2022-30192
CVE-2022-2158
CVE-2022-2161
CVE-2022-2157
CVE-2022-2165
CVE-2022-2160
CVE-2022-33638
CVE-2022-2162
CVE-2022-2163
Связанные продукты
Список CVE
- CVE-2022-2160 high
- CVE-2022-2164 high
- CVE-2022-2165 warning
- CVE-2022-2158 critical
- CVE-2022-2163 critical
- CVE-2022-2157 critical
- CVE-2022-2156 critical
- CVE-2022-2162 critical
- CVE-2022-2161 critical
- CVE-2022-30192 critical
- CVE-2022-33638 critical
Список KB
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!