KLA60746
Multiple vulnerabilities in Microsoft Browser

Обновлено: 29/09/2023
Дата обнаружения
15/09/2023
Уровень угрозы
Critical
Описание

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, spoof user interface, gain privileges, execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. Policy enforcement vulnerability in Downloads can be exploited to cause denial of service.
  2. Implementation vulnerability in Custom Mobile Tabs can be exploited to cause denial of service.
  3. Implementation vulnerability in Custom Tabs can be exploited to cause denial of service.
  4. An elevation of privilege vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to gain privileges.
  5. A spoofing vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to spoof user interface.
  6. Implementation vulnerability in Picture can be exploited to cause denial of service.
  7. Implementation vulnerability in Interstitials can be exploited to cause denial of service.
  8. Policy enforcement vulnerability in Autofill can be exploited to cause denial of service.
  9. Implementation vulnerability in Prompts can be exploited to cause denial of service.
  10. Implementation vulnerability in Intents can be exploited to cause denial of service.
  11. Implementation vulnerability in Input can be exploited to cause denial of service.
Пораженные продукты

Microsoft Edge (Chromium-based)

Решение

Install necessary updates from the Settings and more menu, that are listed in your About Microsoft Edge page (Microsoft Edge About page usually can be accessed from the Help and feedback option)
Microsoft Edge update settings

Первичный источник обнаружения
CVE-2023-4904
CVE-2023-4903
CVE-2023-4900
CVE-2023-36735
CVE-2023-36727
CVE-2023-36562
CVE-2023-4908
CVE-2023-4909
CVE-2023-4906
CVE-2023-4901
CVE-2023-4907
CVE-2023-4905
CVE-2023-4902
Оказываемое влияние
?
ACE 
[?]

DoS 
[?]

SB 
[?]

PE 
[?]

SUI 
[?]
Связанные продукты
Microsoft Edge
CVE-IDS
CVE-2023-49025.0Warning
CVE-2023-49065.0Warning
CVE-2023-49005.0Warning
CVE-2023-49075.0Warning
CVE-2023-49055.0Warning
CVE-2023-49045.0Warning
CVE-2023-49015.0Warning
CVE-2023-49085.0Warning
CVE-2023-49095.0Warning
CVE-2023-49035.0Warning
CVE-2023-367355.0Warning
CVE-2023-367275.0Warning
CVE-2023-365625.0Warning
Узнай статистику распространения уязвимостей в твоем регионе