Microsoft Edge (Chromium) < 108.0.1462.41 Multiple Vulnerabilities

high Nessus Plugin ID 168406

Synopsis

The remote host has an web browser installed that is affected by multiple vulnerabilities.

Description

The version of Microsoft Edge installed on the remote Windows host is prior to 108.0.1462.41. It is, therefore, affected by multiple vulnerabilities as referenced in the December 5, 2022 advisory.

- Type confusion in V8 in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2022-4174)

- Use after free in Camera Capture in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2022-4175)

- Use after free in Extensions in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install an extension to potentially exploit heap corruption via a crafted Chrome Extension and UI interaction. (Chromium security severity: High) (CVE-2022-4177)

- Use after free in Mojo in Google Chrome prior to 108.0.5359.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2022-4178)

- Use after free in Audio in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
(Chromium security severity: High) (CVE-2022-4179)

- Use after free in Mojo in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
(Chromium security severity: High) (CVE-2022-4180)

- Use after free in Forms in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2022-4181)

- Inappropriate implementation in Fenced Frames in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass fenced frame restrictions via a crafted HTML page. (Chromium security severity: Medium) (CVE-2022-4182)

- Insufficient policy enforcement in Popup Blocker in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) (CVE-2022-4183)

- Insufficient policy enforcement in Autofill in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass autofill restrictions via a crafted HTML page. (Chromium security severity: Medium) (CVE-2022-4184)

- Inappropriate implementation in Navigation in Google Chrome on iOS prior to 108.0.5359.71 allowed a remote attacker to spoof the contents of the modal dialogue via a crafted HTML page. (Chromium security severity:
Medium) (CVE-2022-4185)

- Insufficient validation of untrusted input in Downloads in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass Downloads restrictions via a crafted HTML page. (Chromium security severity: Medium) (CVE-2022-4186)

- Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 108.0.5359.71 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. (Chromium security severity:
Medium) (CVE-2022-4187)

- Insufficient validation of untrusted input in CORS in Google Chrome on Android prior to 108.0.5359.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium) (CVE-2022-4188)

- Insufficient policy enforcement in DevTools in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: Medium) (CVE-2022-4189)

- Insufficient data validation in Directory in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. (Chromium security severity: Medium) (CVE-2022-4190)

- Use after free in Sign-In in Google Chrome prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via profile destruction. (Chromium security severity: Medium) (CVE-2022-4191)

- Use after free in Live Caption in Google Chrome prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via UI interaction. (Chromium security severity: Medium) (CVE-2022-4192)

- Insufficient policy enforcement in File System API in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. (Chromium security severity:
Medium) (CVE-2022-4193)

- Use after free in Accessibility in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) (CVE-2022-4194)

- Insufficient policy enforcement in Safe Browsing in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass Safe Browsing warnings via a malicious file. (Chromium security severity: Medium) (CVE-2022-4195)

- Type confusion in V8 in Google Chrome prior to 108.0.5359.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2022-4262)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Microsoft Edge version 108.0.1462.41 or later.

See Also

http://www.nessus.org/u?26b297b9

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41115

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4174

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4175

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4177

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4178

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4179

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4180

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4181

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4182

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4183

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4184

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4185

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4186

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4187

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4188

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4189

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4190

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4191

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4192

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4193

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4194

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4195

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4262

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44688

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44708

Plugin Details

Severity: High

ID: 168406

File Name: microsoft_edge_chromium_108_0_1462_41.nasl

Version: 1.8

Type: local

Agent: windows

Family: Windows

Published: 12/5/2022

Updated: 9/20/2023

Supported Sensors: Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.1

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2022-4262

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 8.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:microsoft:edge

Required KB Items: installed_sw/Microsoft Edge (Chromium), SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/5/2022

Vulnerability Publication Date: 11/29/2022

CISA Known Exploited Vulnerability Due Dates: 12/26/2022

Reference Information

CVE: CVE-2022-41115, CVE-2022-4174, CVE-2022-4175, CVE-2022-4177, CVE-2022-4178, CVE-2022-4179, CVE-2022-4180, CVE-2022-4181, CVE-2022-4182, CVE-2022-4183, CVE-2022-4184, CVE-2022-4185, CVE-2022-4186, CVE-2022-4187, CVE-2022-4188, CVE-2022-4189, CVE-2022-4190, CVE-2022-4191, CVE-2022-4192, CVE-2022-4193, CVE-2022-4194, CVE-2022-4195, CVE-2022-4262, CVE-2022-44688, CVE-2022-44708

IAVA: 2022-A-0507-S, 2022-A-0510-S