Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2017:2933-1

Опубликовано: 06 нояб. 2017
Источник: suse-cvrf

Описание

Security update for webkit2gtk3

This update for webkit2gtk3 to version 2.18.0 fixes the following issues:

These security issues were fixed:

  • CVE-2017-7039: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1050469).
  • CVE-2017-7018: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1050469).
  • CVE-2017-7030: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1050469).
  • CVE-2017-7037: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1050469).
  • CVE-2017-7034: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1050469).
  • CVE-2017-7055: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1050469).
  • CVE-2017-7056: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1050469).
  • CVE-2017-7064: An issue was fixed that allowed remote attackers to bypass intended memory-read restrictions via a crafted app (bsc#1050469).
  • CVE-2017-7061: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1050469).
  • CVE-2017-7048: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1050469).
  • CVE-2017-7046: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1050469).
  • CVE-2017-2538: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1045460)
  • CVE-2017-2496: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
  • CVE-2017-2539: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
  • CVE-2017-2510: An issue was fixed that allowed remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that improperly interacts with pageshow events.
  • CVE-2017-2365: An issue was fixed that allowed remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site (bsc#1024749)
  • CVE-2017-2366: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1024749)
  • CVE-2017-2373: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1024749)
  • CVE-2017-2363: An issue was fixed that allowed remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site (bsc#1024749)
  • CVE-2017-2362: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1024749)
  • CVE-2017-2350: An issue was fixed that allowed remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site (bsc#1024749)
  • CVE-2017-2350: An issue was fixed that allowed remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site (bsc#1024749)
  • CVE-2017-2354: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1024749).
  • CVE-2017-2355: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access and application crash) via a crafted web site (bsc#1024749)
  • CVE-2017-2356: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1024749)
  • CVE-2017-2371: An issue was fixed that allowed remote attackers to launch popups via a crafted web site (bsc#1024749)
  • CVE-2017-2364: An issue was fixed that allowed remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site (bsc#1024749)
  • CVE-2017-2369: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1024749)
  • CVE-2016-7656: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1020950)
  • CVE-2016-7635: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1020950)
  • CVE-2016-7654: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1020950)
  • CVE-2016-7639: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1020950)
  • CVE-2016-7645: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1020950)
  • CVE-2016-7652: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1020950)
  • CVE-2016-7641: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1020950)
  • CVE-2016-7632: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1020950)
  • CVE-2016-7599: An issue was fixed that allowed remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site that used HTTP redirects (bsc#1020950)
  • CVE-2016-7592: An issue was fixed that allowed remote attackers to obtain sensitive information via crafted JavaScript prompts on a web site (bsc#1020950)
  • CVE-2016-7589: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1020950)
  • CVE-2016-7623: An issue was fixed that allowed remote attackers to obtain sensitive information via a blob URL on a web site (bsc#1020950)
  • CVE-2016-7586: An issue was fixed that allowed remote attackers to obtain sensitive information via a crafted web site (bsc#1020950)

For other non-security fixes please check the changelog.

Список пакетов

SUSE Linux Enterprise Desktop 12 SP2
libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
libwebkit2gtk-4_0-37-2.18.0-2.9.1
libwebkit2gtk3-lang-2.18.0-2.9.1
typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
typelib-1_0-WebKit2-4_0-2.18.0-2.9.1
webkit2gtk-4_0-injected-bundles-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP3
libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
libwebkit2gtk-4_0-37-2.18.0-2.9.1
libwebkit2gtk3-lang-2.18.0-2.9.1
typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
typelib-1_0-WebKit2-4_0-2.18.0-2.9.1
webkit2gtk-4_0-injected-bundles-2.18.0-2.9.1
SUSE Linux Enterprise Server 12 SP2
libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
libwebkit2gtk-4_0-37-2.18.0-2.9.1
typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
typelib-1_0-WebKit2-4_0-2.18.0-2.9.1
webkit2gtk-4_0-injected-bundles-2.18.0-2.9.1
SUSE Linux Enterprise Server 12 SP3
libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
libwebkit2gtk-4_0-37-2.18.0-2.9.1
typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
typelib-1_0-WebKit2-4_0-2.18.0-2.9.1
webkit2gtk-4_0-injected-bundles-2.18.0-2.9.1
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
libwebkit2gtk-4_0-37-2.18.0-2.9.1
typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
typelib-1_0-WebKit2-4_0-2.18.0-2.9.1
webkit2gtk-4_0-injected-bundles-2.18.0-2.9.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
libwebkit2gtk-4_0-37-2.18.0-2.9.1
typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
typelib-1_0-WebKit2-4_0-2.18.0-2.9.1
webkit2gtk-4_0-injected-bundles-2.18.0-2.9.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
libwebkit2gtk-4_0-37-2.18.0-2.9.1
typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
typelib-1_0-WebKit2-4_0-2.18.0-2.9.1
webkit2gtk-4_0-injected-bundles-2.18.0-2.9.1
SUSE Linux Enterprise Software Development Kit 12 SP2
webkit2gtk3-devel-2.18.0-2.9.1
SUSE Linux Enterprise Software Development Kit 12 SP3
webkit2gtk3-devel-2.18.0-2.9.1
SUSE Linux Enterprise Workstation Extension 12 SP2
libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Workstation Extension 12 SP3
libwebkit2gtk3-lang-2.18.0-2.9.1

Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. watchOS before 3.1.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component, which allows remote attackers to obtain sensitive information via crafted JavaScript prompts on a web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site that uses HTTP redirects.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information via a blob URL on a web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the "WebKit" component, which allows remote attackers to launch popups via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that improperly interacts with pageshow events.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки

Описание

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. The issue involves the "WebKit" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libjavascriptcoregtk-4_0-18-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk-4_0-37-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:libwebkit2gtk3-lang-2.18.0-2.9.1
SUSE Linux Enterprise Desktop 12 SP2:typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9.1
Ссылки
Уязвимость SUSE-SU-2017:2933-1