Windows : Microsoft Bulletins : Microsoft Edge (Chromium-Based) Multiple Vulnerabilities

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.832976

Categoría: Windows : Microsoft Bulletins

Título: Microsoft Edge (Chromium-Based) Multiple Vulnerabilities - May24

Resumen: Microsoft Edge (Chromium-Based) is prone to; multiple vulnerabilities.

Descripción: Summary:
Microsoft Edge (Chromium-Based) is prone to
multiple vulnerabilities.

Vulnerability Insight:
These vulnerabilities exist:

- CVE-2024-4671: An use after free in error Visuals.

- CVE-2024-30055: Microsoft Edge (Chromium-based) Spoofing Vulnerability.

Vulnerability Impact:
Successful exploitation allows an attacker
to conduct spoofing attacks and potentially perform a sandbox escape via a
crafted HTML page.

Affected Software/OS:
Microsoft Edge (Chromium-Based) prior to version 124.0.2478.97.

Solution:
The vendor has released updates. Please
see the references for more information.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2024-4671
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FAWEKDQTHPN7NFEMLIWP7YMIZ2DHF36N/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BWFSZNNWSQYDRYKNLBDGEXXKMBXDYQ3F/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD/
https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_9.html
https://issues.chromium.org/issues/339266700
Common Vulnerability Exposure (CVE) ID: CVE-2024-30055
Microsoft Edge (Chromium-based) Spoofing Vulnerability
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30055

Copyright Copyright (C) 2024 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.832976
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Edge (Chromium-Based) Multiple Vulnerabilities - May24
Resumen:	Microsoft Edge (Chromium-Based) is prone to; multiple vulnerabilities.
Descripción:	Summary: Microsoft Edge (Chromium-Based) is prone to multiple vulnerabilities. Vulnerability Insight: These vulnerabilities exist: - CVE-2024-4671: An use after free in error Visuals. - CVE-2024-30055: Microsoft Edge (Chromium-based) Spoofing Vulnerability. Vulnerability Impact: Successful exploitation allows an attacker to conduct spoofing attacks and potentially perform a sandbox escape via a crafted HTML page. Affected Software/OS: Microsoft Edge (Chromium-Based) prior to version 124.0.2478.97. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2024-4671 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FAWEKDQTHPN7NFEMLIWP7YMIZ2DHF36N/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BWFSZNNWSQYDRYKNLBDGEXXKMBXDYQ3F/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD/ https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_9.html https://issues.chromium.org/issues/339266700 Common Vulnerability Exposure (CVE) ID: CVE-2024-30055 Microsoft Edge (Chromium-based) Spoofing Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30055
Copyright	Copyright (C) 2024 Greenbone AG