Описание
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, spoof user interface, bypass security restrictions.
Below is a complete list of vulnerabilities:
- Use after free vulnerability in Parcel Tracking can be exploited to cause denial of service or execute arbitrary code.
- Use after free vulnerability in Web Authentication can be exploited to cause denial of service or execute arbitrary code.
- Insufficient data validation vulnerability in Downloads can be exploited to bypass security restrictions.
- A spoofing vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to spoof user interface.
- Use after free vulnerability in Dawn can be exploited to cause denial of service or execute arbitrary code.
- Use after free vulnerability in DevTools can be exploited to cause denial of service or execute arbitrary code.
- A remote code execution vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to execute arbitrary code.
- Inappropriate implementation vulnerability in Web Authentication can be exploited to cause denial of service.
- Inappropriate implementation vulnerability in PictureInPicture can be exploited to cause denial of service.
- Inappropriate implementation vulnerability in Navigations can be exploited to cause denial of service.
- Inappropriate implementation vulnerability in Payments can be exploited to cause denial of service.
- Use after free vulnerability in AI can be exploited to cause denial of service or execute arbitrary code.
- Insufficient data validation vulnerability in DevTools can be exploited to bypass security restrictions.
- Inappropriate implementation vulnerability in Permissions can be exploited to cause denial of service.
- Use after free vulnerability in UI can be exploited to cause denial of service or execute arbitrary code.
Первичный источник обнаружения
- CVE-2024-9961
CVE-2024-9955
CVE-2024-9963
CVE-2024-43577
CVE-2024-43580
CVE-2024-9960
CVE-2024-9959
CVE-2024-43578
CVE-2024-43587
CVE-2024-9956
CVE-2024-9958
CVE-2024-43596
CVE-2024-9966
CVE-2024-9964
CVE-2024-9954
CVE-2024-9965
CVE-2024-43566
CVE-2024-49023
CVE-2024-43579
CVE-2024-9962
CVE-2024-43595
CVE-2024-9957
Эксплуатация
Public exploits exist for this vulnerability.
Связанные продукты
Список CVE
- CVE-2024-9956 warning
- CVE-2024-9959 warning
- CVE-2024-9954 critical
- CVE-2024-9955 warning
- CVE-2024-9958 warning
- CVE-2024-9962 warning
- CVE-2024-9966 high
- CVE-2024-9965 critical
- CVE-2024-9957 warning
- CVE-2024-9964 warning
- CVE-2024-9961 warning
- CVE-2024-9963 warning
- CVE-2024-9960 warning
- CVE-2024-43577 warning
- CVE-2024-43580 high
- CVE-2024-43578 critical
- CVE-2024-43587 critical
- CVE-2024-43596 critical
- CVE-2024-43566 critical
- CVE-2024-49023 high
- CVE-2024-43579 critical
- CVE-2024-43595 critical
Список KB
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!