Microsoft Edge (Chromium) < 105.0.1343.25 Multiple Vulnerabilities
Discription

The version of Microsoft Edge installed on the remote Windows host is prior to 105.0.1343.25. It is, therefore, affected by multiple vulnerabilities as referenced in the September 1, 2022 advisory.

– Use after free in Network Service. (CVE-2022-3038)

– Use after free in WebSQL. (CVE-2022-3039, CVE-2022-3041)

– Use after free in Layout. (CVE-2022-3040)

– Inappropriate implementation in Site Isolation. (CVE-2022-3044)

– Insufficient validation of untrusted input in V8. (CVE-2022-3045)

– Use after free in Browser Tag. (CVE-2022-3046)

– Insufficient policy enforcement in Extensions API. (CVE-2022-3047)

– Inappropriate implementation in Pointer Lock. (CVE-2022-3053)

– Insufficient policy enforcement in DevTools. (CVE-2022-3054)

– Use after free in Passwords. (CVE-2022-3055)

– Insufficient policy enforcement in Content Security Policy. (CVE-2022-3056)

– Inappropriate implementation in iframe Sandbox. (CVE-2022-3057)

– Use after free in Sign-In Flow. (CVE-2022-3058)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.Read More

Back to Main

Subscribe for the latest news: