webkit2gtk: Multiple vulnerabilities (Various CVEs)
CVE-2017-7087
Versions affected: WebKitGTK+ before 2.18.0
Impact: Processing maliciously crafted web content may lead to arbitrary
code execution.
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2017-7089
Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to universal
cross site scripting.
Description: A logic issue existed in the handling of the parent-tab.
CVE-2017-7090
Versions affected: WebKitGTK+ before 2.18.0.
Impact: Cookies belonging to one origin may be sent to another origin.
Description: A permissions issue existed in the handling of web browser
cookies.
CVE-2017-7091
Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to arbitrary
code execution.
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2017-7092
Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to arbitrary
code execution.
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2017-7093
Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to arbitrary
code execution.
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2017-7095
Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to arbitrary
code execution.
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2017-7096
Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to arbitrary
code execution.
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2017-7098
Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to arbitrary
code execution.
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2017-7100
Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to arbitrary
code execution.
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2017-7102
Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to arbitrary
code execution.
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2017-7104
Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to arbitrary
code execution.
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2017-7107
Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to arbitrary
code execution.
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2017-7109
Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to a cross
site scripting attack.
Description: Application Cache policy may be unexpectedly applied.
CVE-2017-7111
Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to arbitrary
code execution.
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2017-7117
Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to arbitrary
code execution.
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2017-7120
Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to arbitrary
code execution.
Description: Multiple memory corruption issues were addressed with
improved memory handling.
References:
https://webkitgtk.org/security/WSA-2017-0008.html
(from redmine: issue id 8053, created on 2017-10-24, closed on 2017-12-28)
- Relations:
- child #8054 (closed)
- child #8055 (closed)