Project

General

Profile

Bug #8054

Bug #8053: webkit2gtk: Multiple vulnerabilities (Various CVEs)

[3.7] webkit2gtk: Multiple vulnerabilities (Various CVEs)

Added by Alicha CH 12 months ago. Updated 10 months ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
Security
Target version:
Start date:
10/24/2017
Due date:
% Done:

100%

Estimated time:
Affected versions:

Description

CVE-2017-7087

Versions affected: WebKitGTK+ before 2.18.0
Impact: Processing maliciously crafted web content may lead to arbitrary code execution.
Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2017-7089

Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to universal cross site scripting.
Description: A logic issue existed in the handling of the parent-tab.

CVE-2017-7090

Versions affected: WebKitGTK+ before 2.18.0.
Impact: Cookies belonging to one origin may be sent to another origin.
Description: A permissions issue existed in the handling of web browser cookies.

CVE-2017-7091

Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to arbitrary code execution.
Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2017-7092

Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to arbitrary code execution.
Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2017-7093

Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to arbitrary code execution.
Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2017-7095

Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to arbitrary code execution.
Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2017-7096

Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to arbitrary code execution.
Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2017-7098

Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to arbitrary code execution.
Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2017-7100

Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to arbitrary code execution.
Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2017-7102

Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to arbitrary code execution.
Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2017-7104

Versions affected: WebKitGTK+ before 2.18.0.

Impact: Processing maliciously crafted web content may lead to arbitrary code execution.
Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2017-7107

Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to arbitrary code execution.
Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2017-7109

Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to a cross site scripting attack.
Description: Application Cache policy may be unexpectedly applied.

CVE-2017-7111

Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to arbitrary code execution.
Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2017-7117

Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to arbitrary code execution.
Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2017-7120

Versions affected: WebKitGTK+ before 2.18.0.
Impact: Processing maliciously crafted web content may lead to arbitrary code execution.
Description: Multiple memory corruption issues were addressed with improved memory handling.

References:

https://webkitgtk.org/security/WSA-2017-0008.html

History

#1 Updated by Natanael Copa 11 months ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

#2 Updated by Alicha CH 10 months ago

  • Category set to Security
  • Status changed from Resolved to Closed

Also available in: Atom PDF