Описание
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, spoof user interface.
Below is a complete list of vulnerabilities:
- Use after free vulnerability in Import can be exploited to cause denial of service or execute arbitrary code.
- A spoofing vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to spoof user interface.
- Validation of untrusted input vulnerability in Intents can be exploited to cause denial of service.
- Validation of untrusted input vulnerability in Safe Browsing can be exploited to cause denial of service.
- Use after free vulnerability in Media can be exploited to cause denial of service or execute arbitrary code.
- Security UI vulnerability in Full Screen can be exploited to spoof user interface.
- Use after free vulnerability in CSS can be exploited to cause denial of service or execute arbitrary code.
- Type confusion vulnerability in Blink can be exploited to cause denial of service.
- Policy enforcement vulnerability in Developer Tools can be exploited to cause denial of service.
- Policy enforcement vulnerability in Custom Tabs can be exploited to cause denial of service.
Первичный источник обнаружения
- CVE-2022-3311
CVE-2022-41035
CVE-2022-3317
CVE-2022-3316
CVE-2022-3307
CVE-2022-3313
CVE-2022-3304
CVE-2022-3315
CVE-2022-3308
CVE-2022-3310
Связанные продукты
Список CVE
- CVE-2022-3311 high
- CVE-2022-3307 critical
- CVE-2022-3308 high
- CVE-2022-3317 warning
- CVE-2022-3310 high
- CVE-2022-3304 critical
- CVE-2022-3315 critical
- CVE-2022-3316 warning
- CVE-2022-3313 high
- CVE-2022-41035 high
Список KB
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!