CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
69.9%
The version of Microsoft Edge installed on the remote Windows host is prior to 107.0.1418.24. It is, therefore, affected by multiple vulnerabilities as referenced in the October 27, 2022 advisory.
Type Confusion in V8. (CVE-2022-3652)
Heap buffer overflow in Vulkan. (CVE-2022-3653)
Use after free in Layout. (CVE-2022-3654)
Heap buffer overflow in Media Galleries. (CVE-2022-3655)
Insufficient data validation in File System. (CVE-2022-3656)
Use after free in Extensions. (CVE-2022-3657)
Inappropriate implementation in Full screen mode. (CVE-2022-3660)
Insufficient data validation in Extensions. (CVE-2022-3661)
Note that Nessus has not tested for these issues but has instead relied only on the applicationβs self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(166629);
script_version("1.8");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/11/28");
script_cve_id(
"CVE-2022-3652",
"CVE-2022-3653",
"CVE-2022-3654",
"CVE-2022-3655",
"CVE-2022-3656",
"CVE-2022-3657",
"CVE-2022-3660",
"CVE-2022-3661"
);
script_xref(name:"IAVA", value:"2022-A-0446-S");
script_xref(name:"IAVA", value:"2022-A-0454-S");
script_name(english:"Microsoft Edge (Chromium) < 107.0.1418.24 Multiple Vulnerabilities");
script_set_attribute(attribute:"synopsis", value:
"The remote host has an web browser installed that is affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of Microsoft Edge installed on the remote Windows host is prior to 107.0.1418.24. It is, therefore, affected
by multiple vulnerabilities as referenced in the October 27, 2022 advisory.
- Type Confusion in V8. (CVE-2022-3652)
- Heap buffer overflow in Vulkan. (CVE-2022-3653)
- Use after free in Layout. (CVE-2022-3654)
- Heap buffer overflow in Media Galleries. (CVE-2022-3655)
- Insufficient data validation in File System. (CVE-2022-3656)
- Use after free in Extensions. (CVE-2022-3657)
- Inappropriate implementation in Full screen mode. (CVE-2022-3660)
- Insufficient data validation in Extensions. (CVE-2022-3661)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
# https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#october-27-2022
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?57027261");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3652");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3653");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3654");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3655");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3656");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3657");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3660");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3661");
script_set_attribute(attribute:"solution", value:
"Upgrade to Microsoft Edge version 107.0.1418.24 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-3657");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/10/25");
script_set_attribute(attribute:"patch_publication_date", value:"2022/10/27");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/10/27");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:microsoft:edge");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("microsoft_edge_chromium_installed.nbin");
script_require_keys("installed_sw/Microsoft Edge (Chromium)", "SMB/Registry/Enumerated");
exit(0);
}
include('vcf.inc');
get_kb_item_or_exit('SMB/Registry/Enumerated');
var app_info = vcf::get_app_info(app:'Microsoft Edge (Chromium)', win_local:TRUE);
var constraints = [
{ 'fixed_version' : '107.0.1418.24' }
];
vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3652
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3653
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3654
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3655
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3656
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3657
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3660
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3661
www.nessus.org/u?57027261
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3652
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3653
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3654
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3655
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3656
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3657
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3660
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3661
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
69.9%