CVE-2022-21970 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

CVE-2022-21970 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Microsoft Edge allows remote attackers to access to arbitrary local files via a crafted HTML request that targets the Local File Picker, aka “Microsoft Edge Elevation of Privilege Vulnerability.” CVE-2017-8110 Microsoft ChakraCore/Edge An information disclosure vulnerability in Microsoft Edge could allow an attacker to potentially disclose sensitive information when parsing HTML. The vulnerability could be exploited to potentially disclose sensitive information when parsing HTML. This CVE ID is unique from CVE-2017-8112.

CVE-2017-1104 Microsoft ChakraCore/Edge A remote code execution vulnerability in Microsoft Edge could be exploited to execute arbitrary code when Microsoft Edge does not properly parse HTML. The vulnerability could be exploited to execute arbitrary code. This CVE ID is unique from CVE-2017-1105.

CVE-2017-1105 Microsoft ChakraCore/Edge A remote code execution vulnerability in Microsoft Edge could be exploited to execute arbitrary code when Microsoft Edge fails to properly handle specific HTML content. The vulnerability could be exploited to execute arbitrary code. This CVE ID is unique from CVE-2017-1104.

CVE-2017-1109 Microsoft Edge An information disclosure vulnerability in Microsoft Edge could allow an attacker to potentially disclose sensitive information when parsing HTML. The vulnerability could be exploited to potentially disclose sensitive information when parsing HTML. This CVE ID is unique from CVE-2017-1110.

Microsoft Edge (Chakra) Core CVE-2017-8112

A remote code execution vulnerability exists when Microsoft Edge does not properly parse HTML. The vulnerability could allow remote code execution. This CVE ID is unique from CVE-2017-8110.

Microsoft Edge Go To An Issue

A vulnerability in Microsoft Edge could allow an attacker to potentially disclose sensitive information when parsing HTML. The vulnerability could be exploited to potentially disclose sensitive information when parsing HTML. This CVE ID is unique from CVE-2017-1110.

Microsoft Office/Office Server Software

CVE-2017-1110 Microsoft Edge An information disclosure vulnerability in Microsoft Edge could allow an attacker to potentially disclose sensitive information when parsing HTML. The vulnerability could be exploited to potentially disclose sensitive information when parsing HTML. This CVE ID is unique from CVE-2017-1109.

CVE-2017-1112 Microsoft Word A remote code execution vulnerability in Microsoft Word could be exploited to execute arbitrary code when a user opens a specially crafted Office document or visits a malicious website that contains embedded Office content. The vulnerability could be exploited to execute arbitrary code in the context of the current user. This CVE ID is unique from CVE-2017-8114 and CVE-2017-8115.

Microsoft Edge Multiple Vulnerabilities

The vulnerabilities are in the Microsoft Edge browser. They affect Microsoft Edge and Microsoft ChakraCore/Edge. The flaws have been labeled CVE-2017-8110, CVE-2017-1104, CVE-2017-1105, and CVE-2017-1109. They are all unique from each other because of different specificities.

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe