Kaspersky ID:
KLA63367
Дата обнаружения:
25/01/2024
Обновлено:
29/01/2024

Описание

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service, spoof user interface, gain privileges, bypass security restrictions.

Below is a complete list of vulnerabilities:

  1. An information disclosure vulnerability in Microsoft Edge for Android can be exploited remotely to obtain sensitive information.
  2. Use after free vulnerability in Reading Mode can be exploited to cause denial of service or execute arbitrary code.
  3. Integer underflow vulnerability in WebUI can be exploited to cause execute arbitrary code and denial of service.
  4. A spoofing vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to spoof user interface.
  5. An elevation of privilege vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to gain privileges.
  6. Implementation vulnerability in Downloads can be exploited to cause denial of service.
  7. Policy enforcement vulnerability in iOS Security UI can be exploited to cause denial of service.
  8. Implementation vulnerability in Extensions API can be exploited to cause denial of service.
  9. Use after free vulnerability in WebAudio can be exploited to cause denial of service or execute arbitrary code.
  10. Implementation vulnerability in Accessibility can be exploited to cause denial of service.
  11. A spoofing vulnerability in Microsoft Edge for Android can be exploited remotely to spoof user interface.
  12. Implementation vulnerability in Autofill can be exploited to cause denial of service.
  13. Security UI vulnerability in Payments can be exploited to spoof user interface.
  14. Policy enforcement vulnerability in DevTools can be exploited to cause denial of service.
  15. Use after free vulnerability in Passwords can be exploited to cause denial of service or execute arbitrary code.

Первичный источник обнаружения

Связанные продукты

Список CVE

  • CVE-2024-0808
    warning
  • CVE-2024-0805
    warning
  • CVE-2024-0807
    warning
  • CVE-2024-0810
    warning
  • CVE-2024-0804
    warning
  • CVE-2024-0806
    warning
  • CVE-2024-0811
    warning
  • CVE-2024-0813
    warning
  • CVE-2024-0812
    warning
  • CVE-2024-0814
    warning
  • CVE-2024-0809
    warning
  • CVE-2024-21382
    warning
  • CVE-2024-21383
    warning
  • CVE-2024-21385
    critical
  • CVE-2024-21326
    critical
  • CVE-2024-21387
    high

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!
Узнай больше об угрозах и векторах атаки на Энциклопедии Kaspersky
Бесплатно
Читать
Kaspersky Premium
Комплексное решение для защиты вашей цифровой жизни
Премиум
Скачать
Confirm changes?
Your message has been sent successfully.