Multiple vulnerabilities in Microsoft Browser

Описание

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, spoof user interface, gain privileges.

Below is a complete list of vulnerabilities:

1. Implementation vulnerability in Web API Permission can be exploited to cause denial of service.
2. Implementation vulnerability in Custom Tabs can be exploited to cause denial of service.
3. Implementation vulnerability in Autofill can be exploited to cause denial of service.
4. Validation of untrusted input vulnerability in Them can be exploited to cause denial of service.
5. Out of bounds memory access vulnerability in Mojo can be exploited to cause denial of service.
6. Use after free vulnerability in Tab Groups can be exploited to cause denial of service or execute arbitrary code.
7. A spoofing vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to spoof user interface.
8. Implementation vulnerability in Notifications can be exploited to cause denial of service.
9. Implementation vulnerability in WebApp Installs can be exploited to cause denial of service.
10. An elevation of privilege vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to gain privileges.
11. Use after free vulnerability in WebRTC can be exploited to cause denial of service or execute arbitrary code.
12. Implementation vulnerability in Picture In Picture can be exploited to cause denial of service.
13. A spoofing vulnerability in Microsoft Edge for Android can be exploited remotely to spoof user interface.

Первичный источник обнаружения

• CVE-2023-3735
  CVE-2023-3736
  CVE-2023-3738
  CVE-2023-3740
  CVE-2023-3732
  CVE-2023-3730
  CVE-2023-35392
  CVE-2023-3737
  CVE-2023-3733
  CVE-2023-38187
  CVE-2023-3728
  CVE-2023-3727
  CVE-2023-3734
  CVE-2023-38173
  

Связанные продукты

• Microsoft-Edge

Список CVE

• CVE-2023-3733
  warning
• CVE-2023-3740
  warning
• CVE-2023-3738
  warning
• CVE-2023-3736
  warning
• CVE-2023-3734
  warning
• CVE-2023-3728
  critical
• CVE-2023-3732
  critical
• CVE-2023-3730
  critical
• CVE-2023-3727
  critical
• CVE-2023-3737
  warning
• CVE-2023-3735
  warning
• CVE-2023-35392
  warning
• CVE-2023-38187
  high
• CVE-2023-38173
  warning

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com