Описание
The UIProcess subsystem in WebKit, as used in WebKitGTK through 2.23.90 and WebKitGTK+ through 2.22.6 and other products, does not prevent the script dialog size from exceeding the web view size, which allows remote attackers to cause a denial of service (Buffer Overflow) or possibly have unspecified other impact, related to UIProcess/API/gtk/WebKitScriptDialogGtk.cpp, UIProcess/API/gtk/WebKitScriptDialogImpl.cpp, and UIProcess/API/gtk/WebKitWebViewGtk.cpp, as demonstrated by GNOME Web (aka Epiphany).
Ссылки
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Issue TrackingPermissions RequiredThird Party Advisory
- PatchThird Party Advisory
- PatchVendor Advisory
- Third Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Issue TrackingPermissions RequiredThird Party Advisory
- PatchThird Party Advisory
- PatchVendor Advisory
- Third Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party Advisory
Уязвимые конфигурации
Одно из
Одно из
Одно из
EPSS
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
Связанные уязвимости
The UIProcess subsystem in WebKit, as used in WebKitGTK through 2.23.90 and WebKitGTK+ through 2.22.6 and other products, does not prevent the script dialog size from exceeding the web view size, which allows remote attackers to cause a denial of service (Buffer Overflow) or possibly have unspecified other impact, related to UIProcess/API/gtk/WebKitScriptDialogGtk.cpp, UIProcess/API/gtk/WebKitScriptDialogImpl.cpp, and UIProcess/API/gtk/WebKitWebViewGtk.cpp, as demonstrated by GNOME Web (aka Epiphany).
The UIProcess subsystem in WebKit, as used in WebKitGTK through 2.23.9 ...
EPSS
9.8 Critical
CVSS3
7.5 High
CVSS2