Описание
Microsoft Edge (Chromium-based) Spoofing Vulnerability
FAQ
What is the version information for this release?
| Microsoft Edge Channel | Microsoft Edge Version | Date Released | Based on Chromium Version |
|---|---|---|---|
| Stable | 121.0.2277.83 | 1/25/2024 | 121.0.6167.85/.86 |
| Extended Stable | 120.0.2210.160 | 1/25/2024 | 120.0.6099.268 |
According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
An attacker must send the user a malicious file and convince them to open it.
According to the CVSS metrics, successful exploitation of this vulnerability could lead to no loss of confidentiality (C:N), some loss of integrity (I:L) but have no effect on availability (A:N). How could an attacker impact the PDF File Signature?
An attacker could spoof the PDF signature stamp by tricking the user with a forgery when they open a digitally signed PDF and view the visual signature stamp.
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
3.3 Low
CVSS3
Связанные уязвимости
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Уязвимость браузера Microsoft Edge, связанная с ошибками представления информации пользовательским интерфейсом, позволяющая нарушителю проводить спуфинг-атаки
EPSS
3.3 Low
CVSS3