Multiple vulnerabilities in Microsoft Browser

Описание

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, spoof user interface.

Below is a complete list of vulnerabilities:

1. Use after free vulnerability in Side Panel can be exploited to cause denial of service or execute arbitrary code.
2. Use after free vulnerability in Printing can be exploited to cause denial of service or execute arbitrary code.
3. Integer overflow vulnerability in USB can be exploited to cause execute arbitrary code and denial of service.
4. Implementation vulnerability in Payments can be exploited to cause denial of service.
5. Security UI vulnerability in Picture In Picture can be exploited to spoof user interface.
6. A remote code execution vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to execute arbitrary code.
7. Security UI vulnerability in Downloads can be exploited to spoof user interface.
8. Implementation vulnerability in Downloads can be exploited to cause denial of service.
9. Implementation vulnerability in WebApp Provider can be exploited to cause denial of service.
10. Use after free vulnerability in Reading Mode can be exploited to cause denial of service or execute arbitrary code.
11. A spoofing vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to spoof user interface.
12. Use after free vulnerability in Profiles can be exploited to cause denial of service or execute arbitrary code.
13. Data validation vulnerability in USB can be exploited to cause denial of service.

Первичный источник обнаружения

• CVE-2023-5856
  CVE-2023-5852
  CVE-2023-5849
  CVE-2023-5480
  CVE-2023-5859
  CVE-2023-36022
  CVE-2023-5853
  CVE-2023-36034
  CVE-2023-5851
  CVE-2023-5858
  CVE-2023-5855
  CVE-2023-5850
  CVE-2023-36029
  CVE-2023-5854
  CVE-2023-5482
  CVE-2023-5857
  

Связанные продукты

• Microsoft-Edge

Список CVE

• CVE-2023-5480
  high
• CVE-2023-5851
  warning
• CVE-2023-5482
  critical
• CVE-2023-5856
  critical
• CVE-2023-5852
  critical
• CVE-2023-5859
  warning
• CVE-2023-5855
  critical
• CVE-2023-5850
  warning
• CVE-2023-5849
  critical
• CVE-2023-5853
  warning
• CVE-2023-5854
  critical
• CVE-2023-5857
  critical
• CVE-2023-5858
  warning
• CVE-2023-36022
  high
• CVE-2023-36034
  high
• CVE-2023-36029
  warning

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com