Multiple vulnerabilities in Microsoft Browser

Описание

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service, bypass security restrictions, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. Implementation vulnerability in Navigation can be exploited to cause denial of service.
2. Implementation vulnerability in DevTools can be exploited to cause denial of service.
3. Implementation vulnerability in Input can be exploited to cause denial of service.
4. Implementation vulnerability in Intents can be exploited to cause denial of service.
5. Implementation vulnerability in Extensions API can be exploited to cause denial of service.
6. Heap buffer overflow vulnerability in PDF can be exploited to cause denial of service.
7. Use after free vulnerability in Cast can be exploited to cause denial of service or execute arbitrary code.
8. Implementation vulnerability in Autofill can be exploited to cause denial of service.
9. Use after free vulnerability in Blink History can be exploited to cause denial of service or execute arbitrary code.
10. Implementation vulnerability in Installer can be exploited to cause denial of service.
11. A spoofing vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to spoof user interface.
12. Use after free vulnerability in Site Isolation can be exploited to cause denial of service or execute arbitrary code.
13. Implementation vulnerability in Fullscreen can be exploited to cause denial of service.
14. Implementation vulnerability in Downloads can be exploited to cause denial of service.

Первичный источник обнаружения

• CVE-2023-5484
  CVE-2023-5475
  CVE-2023-5486
  CVE-2023-5483
  CVE-2023-5479
  CVE-2023-5474
  CVE-2023-5473
  CVE-2023-5485
  CVE-2023-5476
  CVE-2023-5477
  CVE-2023-36559
  CVE-2023-5218
  CVE-2023-5487
  CVE-2023-5478
  CVE-2023-5481
  

Связанные продукты

• Microsoft-Edge

Список CVE

• CVE-2023-5476
  unknown
• CVE-2023-5485
  unknown
• CVE-2023-5473
  unknown
• CVE-2023-5478
  unknown
• CVE-2023-5484
  unknown
• CVE-2023-5483
  unknown
• CVE-2023-5474
  unknown
• CVE-2023-5479
  unknown
• CVE-2023-5475
  unknown
• CVE-2023-5218
  unknown
• CVE-2023-5486
  unknown
• CVE-2023-5477
  unknown
• CVE-2023-5487
  unknown
• CVE-2023-5481
  unknown
• CVE-2023-36559
  unknown

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com