Multiple vulnerabilities in Microsoft Browser

Описание

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges, execute arbitrary code, cause denial of service, spoof user interface.

Below is a complete list of vulnerabilities:

1. A security feature bypass vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to bypass security restrictions.
2. An elevation of privilege vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to gain privileges.
3. Implementation vulnerability in PictureInPicture can be exploited to cause denial of service.
4. Implementation vulnerability in Prompts can be exploited to cause denial of service.
5. Validation of untrusted input vulnerability in Exte can be exploited to cause denial of service.
6. Implementation vulnerability in CORS can be exploited to cause denial of service.
7. Implementation vulnerability in Full Screen Mode can be exploited to cause denial of service.

Первичный источник обнаружения

• CVE-2023-29354
  CVE-2023-29350
  CVE-2023-2468
  CVE-2023-2462
  CVE-2023-2460
  CVE-2023-2464
  CVE-2023-2459
  CVE-2023-2467
  CVE-2023-2466
  CVE-2023-2465
  CVE-2023-2463
  

Связанные продукты

• Microsoft-Edge

Список CVE

• CVE-2023-2460
  high
• CVE-2023-2462
  warning
• CVE-2023-2467
  warning
• CVE-2023-2464
  warning
• CVE-2023-2465
  warning
• CVE-2023-2466
  warning
• CVE-2023-2463
  warning
• CVE-2023-2459
  high
• CVE-2023-2468
  warning
• CVE-2023-29354
  warning
• CVE-2023-29350
  critical

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com