Multiple vulnerabilities in Microsoft Browser

Описание

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, spoof user interface, bypass security restrictions.

Below is a complete list of vulnerabilities:

1. Heap buffer overflow vulnerability in Tab Strip can be exploited to cause denial of service.
2. Use after free vulnerability in PDFium can be exploited to cause denial of service or execute arbitrary code.
3. A spoofing vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to spoof user interface.
4. Use after free vulnerability in Dawn can be exploited to cause denial of service or execute arbitrary code.
5. Inappropriate implementation vulnerability in Dawn can be exploited to cause denial of service.
6. Use after free vulnerability in V8 can be exploited to cause denial of service or execute arbitrary code.
7. A spoofing vulnerability in Microsoft Edge for iOS can be exploited remotely to spoof user interface.
8. Security vulnerability in CORS can be exploited to bypass security restrictions.
9. Type confusion vulnerability in V8 can be exploited to cause denial of service.
10. Inappropriate implementation vulnerability in Downloads can be exploited to cause denial of service.
11. Inappropriate implementation vulnerability in DevTools can be exploited to cause denial of service.
12. Inappropriate implementation vulnerability in Memory Allocator can be exploited to cause denial of service.
13. Heap buffer overflow vulnerability in Tab Groups can be exploited to cause denial of service.
14. Use after free vulnerability in Audio can be exploited to cause denial of service or execute arbitrary code.
15. Use after free vulnerability in Browser UI can be exploited to cause denial of service or execute arbitrary code.

Первичный источник обнаружения

• CVE-2024-5844
  CVE-2024-5847
  CVE-2024-38083
  CVE-2024-5831
  CVE-2024-5834
  CVE-2024-5846
  CVE-2024-5841
  CVE-2024-30057
  CVE-2024-5840
  CVE-2024-5838
  CVE-2024-5843
  CVE-2024-5836
  CVE-2024-5839
  CVE-2024-5833
  CVE-2024-5837
  CVE-2024-5832
  CVE-2024-5835
  CVE-2024-5830
  CVE-2024-30058
  CVE-2024-5845
  CVE-2024-5842
  

Связанные продукты

• Microsoft-Edge

Список CVE

• CVE-2024-5847
  critical
• CVE-2024-5846
  critical
• CVE-2024-5842
  critical
• CVE-2024-5838
  critical
• CVE-2024-5839
  high
• CVE-2024-5841
  critical
• CVE-2024-5833
  critical
• CVE-2024-5840
  high
• CVE-2024-5837
  critical
• CVE-2024-5834
  critical
• CVE-2024-5831
  critical
• CVE-2024-5836
  critical
• CVE-2024-5844
  critical
• CVE-2024-5835
  critical
• CVE-2024-5830
  critical
• CVE-2024-5832
  critical
• CVE-2024-5843
  high
• CVE-2024-5845
  critical
• CVE-2024-38083
  warning
• CVE-2024-30057
  high
• CVE-2024-30058
  high

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com