Multiple vulnerabilities in Microsoft Browser

Açıklama

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, spoof user interface, bypass security restrictions.

Below is a complete list of vulnerabilities:

1. Use after free vulnerability in Parcel Tracking can be exploited to cause denial of service or execute arbitrary code.
2. Use after free vulnerability in Web Authentication can be exploited to cause denial of service or execute arbitrary code.
3. Insufficient data validation vulnerability in Downloads can be exploited to bypass security restrictions.
4. A spoofing vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to spoof user interface.
5. Use after free vulnerability in Dawn can be exploited to cause denial of service or execute arbitrary code.
6. Use after free vulnerability in DevTools can be exploited to cause denial of service or execute arbitrary code.
7. A remote code execution vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to execute arbitrary code.
8. Inappropriate implementation vulnerability in Web Authentication can be exploited to cause denial of service.
9. Inappropriate implementation vulnerability in PictureInPicture can be exploited to cause denial of service.
10. Inappropriate implementation vulnerability in Navigations can be exploited to cause denial of service.
11. Inappropriate implementation vulnerability in Payments can be exploited to cause denial of service.
12. Use after free vulnerability in AI can be exploited to cause denial of service or execute arbitrary code.
13. Insufficient data validation vulnerability in DevTools can be exploited to bypass security restrictions.
14. Inappropriate implementation vulnerability in Permissions can be exploited to cause denial of service.
15. Use after free vulnerability in UI can be exploited to cause denial of service or execute arbitrary code.

Orijinal öneriler

• CVE-2024-9961

• CVE-2024-9955
• CVE-2024-9963
• CVE-2024-43577
• CVE-2024-43580
• CVE-2024-9960
• CVE-2024-9959
• CVE-2024-43578
• CVE-2024-43587
• CVE-2024-9956
• CVE-2024-9958
• CVE-2024-43596
• CVE-2024-9966
• CVE-2024-9964
• CVE-2024-9954
• CVE-2024-9965
• CVE-2024-43566
• CVE-2024-49023
• CVE-2024-43579
• CVE-2024-9962
• CVE-2024-43595
• CVE-2024-9957

Kötüye kullanma

Public exploits exist for this vulnerability.

İlgili ürünler

• Microsoft-Edge

CVE Listesi

• CVE-2024-9956
  critical
• CVE-2024-9959
  critical
• CVE-2024-9954
  critical
• CVE-2024-9955
  critical
• CVE-2024-9958
  warning
• CVE-2024-9962
  warning
• CVE-2024-9966
  high
• CVE-2024-9965
  critical
• CVE-2024-9957
  critical
• CVE-2024-9964
  warning
• CVE-2024-9961
  critical
• CVE-2024-9963
  warning
• CVE-2024-9960
  critical
• CVE-2024-43577
  warning
• CVE-2024-43580
  high
• CVE-2024-43578
  critical
• CVE-2024-43587
  critical
• CVE-2024-43596
  critical
• CVE-2024-43566
  critical
• CVE-2024-49023
  high
• CVE-2024-43579
  critical
• CVE-2024-43595
  critical

KB Listesi

Daha fazlasını okuyun

Bölgenizde yayılan güvenlik açıklarının istatistiklerini öğrenin statistics.securelist.com