Microsoft Edge Multiple Vulnerabilities

Release Date: 3 Oct 2023 3660 Views

RISK: Extremely High Risk

Extremely High Risk

TYPE: Clients - Browsers

TYPE: Browsers

Multiple vulnerabilities were identified in Microsoft Edge.  A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution and security restriction bypass on the targeted system.

 

Note:

CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx. Google is aware that an exploit for CVE-2023-5217 exists in the wild.

Impact

  • Denial of Service
  • Remote Code Execution
  • Security Restriction Bypass

System / Technologies affected

  • Microsoft Edge (Stable) prior to 117.0.2045.47
  • Microsoft Edge (Extended Stable) prior to 116.0.1938.98
 

Solutions

Before installation of the software, please visit the software vendor web-site for more details.

Apply fixes issued by the vendor:

  • Update to Microsoft Edge (Stable) version 117.0.2045.47 or later
  • Update to Microsoft Edge (Extended Stable) version 116.0.1938.98 or later

Vulnerability Identifier

Source

Related Link

Related Tags

EdgeDenial of ServiceRemote Code ExecutionSecurity Restriction BypassExploit In The Wild

Share with

Previous

Mozilla Products Remote Code Execution Vulnerability

3 Oct 2023 3376 Views

Next

Exim Multiple Vulnerabilities

3 Oct 2023 3161 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY