Multiple vulnerabilities in Microsoft Browser

Описание

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions.

Below is a complete list of vulnerabilities:

1. Use after free vulnerability in ANGLE can be exploited to cause denial of service or execute arbitrary code.
2. Use after free vulnerability in Sign-In Flow can be exploited to cause denial of service or execute arbitrary code.
3. Implementation vulnerability in Extensions API can be exploited to cause denial of service.
4. Heap buffer overflow vulnerability in Downloads can be exploited to cause denial of service.
5. Use after free vulnerability in SwiftShader can be exploited to cause denial of service or execute arbitrary code.
6. Use after free vulnerability in FedCM can be exploited to cause denial of service or execute arbitrary code.
7. Use after free vulnerability in Blink can be exploited to cause denial of service or execute arbitrary code.
8. Policy enforcement vulnerability in Cookies can be exploited to bypass security restrictions.

Первичный источник обнаружения

• CVE-2022-2860
  CVE-2022-2857
  CVE-2022-2855
  CVE-2022-2852
  CVE-2022-2854
  CVE-2022-2853
  CVE-2022-2858
  CVE-2022-2861
  

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Edge

Список CVE

• CVE-2022-2855
  warning
• CVE-2022-2858
  warning
• CVE-2022-2861
  warning
• CVE-2022-2853
  warning
• CVE-2022-2854
  warning
• CVE-2022-2852
  warning
• CVE-2022-2857
  warning
• CVE-2022-2860
  warning

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com