[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

[3.6] webkit2gtk: Several vulnerabilities (Various CVEs)

ID: oval:org.secpod.oval:def:1800089Date: (C)2018-03-28   (M)2024-01-29
Class: PATCHFamily: unix




CVE-2016-9643:The regex code in WebKit allows remote attackers to cause a denial of service as demonstrated in a large number of . Versions affected: WebKitGTK+ before 2.14.6 CVE-2017-2367: This issue allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. Versions affected: WebKitGTK+ before 2.14.6. CVE-2017-2377: This issue involves the WebKit Web Inspector component. It allows attackers to cause a denial of service by leveraging a window-close action during a debugger-pause state. Versions affected: WebKitGTK+ before 2.14.6. CVE-2017-2392: This issue allows attackers to execute arbitrary code or cause a denial of service via a crafted app. Versions affected: WebKitGTK+ before 2.14.6. CVE-2017-2394: This issue allows remote attackers to execute arbitrary code or cause a denial of service via a crafted web site. Versions affected: WebKitGTK+ before 2.14.6. CVE-2017-2415: This issue allows remote attackers to execute arbitrary code by leveraging an unspecified type confusion.. Versions affected: WebKitGTK+ before 2.14.6. CVE-2017-2419: This issue allows remote attackers to bypass a Content Security Policy protection mechanism via unspecified vectors. Versions affected: WebKitGTK+ before 2.14.6. CVE-2017-2442: This issue involves the WebKit JavaScript Bindings component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. Versions affected: WebKitGTK+ before 2.14.6. CVE-2017-2446: This issue allows remote attackers to execute arbitrary code via a crafted web site that leverages the mishandling of strict mode functions. Versions affected: WebKitGTK+ before 2.14.6. CVE-2017-2454: This issue allows allows remote attackers to execute arbitrary code or cause a denial of service via a crafted web site. Versions affected: WebKitGTK+ before 2.14.6. CVE-2017-2459: This issue allows remote attackers to execute arbitrary code or cause a denial of service via a crafted web site. Versions affected: WebKitGTK+ before 2.14.6. CVE-2017-2460: This issue allows remote attackers to execute arbitrary code or cause a denial of service via a crafted web site. Versions affected: WebKitGTK+ before 2.14.6. CVE-2017-2465: This issue allows remote attackers to execute arbitrary code or cause a denial of service via a crafted web site. Versions affected: WebKitGTK+ before 2.14.6. CVE-2017-2466: This issue allows remote attackers to execute arbitrary code or cause a denial of service via a crafted web site. Versions affected: WebKitGTK+ before 2.14.6. CVE-2017-2468: This issue allows remote attackers to execute arbitrary code or cause a denial of service via a crafted web site. Versions affected: WebKitGTK+ before 2.14.6. CVE-2017-2470: This issue allows remote attackers to execute arbitrary code or cause a denial of service via a crafted web site. Versions affected: WebKitGTK+ before 2.14.6. CVE-2017-2471: A use-after-free vulnerability allows remote attackers to execute arbitrary code via a crafted web site. Versions affected: WebKitGTK+ before 2.14.6. CVE-2017-2475: This issue allows remote attackers to conduct Universal XSS attacks via crafted use of frames on a web site. Versions affected: WebKitGTK+ before 2.14.6. CVE-2017-2476: This issue allows remote attackers to execute arbitrary code or cause a denial of service via a crafted web site. Versions affected: WebKitGTK+ before 2.14.6. CVE-2017-2481: This issue allows remote attackers to execute arbitrary code or cause a denial of service via a crafted web site. Versions affected: WebKitGTK+ before 2.14.6.

Platform:
Alpine Linux 3.6
Product:
webkit2gtk
Reference:
7422
CVE-2016-9643
CVE-2017-2367
CVE-2017-2377
CVE-2017-2392
CVE-2017-2394
CVE-2017-2415
CVE-2017-2419
CVE-2017-2442
CVE-2017-2446
CVE-2017-2454
CVE-2017-2459
CVE-2017-2460
CVE-2017-2465
CVE-2017-2466
CVE-2017-2468
CVE-2017-2470
CVE-2017-2471
CVE-2017-2475
CVE-2017-2476
CVE-2017-2481
CVE-2016-9642
CVE-2017-2364
CVE-2017-2376
CVE-2017-2386
CVE-2017-2395
CVE-2017-2396
CVE-2017-2405
CVE-2017-2433
CVE-2017-2445
CVE-2017-2447
CVE-2017-2455
CVE-2017-2457
CVE-2017-2464
CVE-2017-2469
CVE-2017-2496
CVE-2017-2504
CVE-2017-2505
CVE-2017-2506
CVE-2017-2508
CVE-2017-2510
CVE-2017-2514
CVE-2017-2515
CVE-2017-2521
CVE-2017-2525
CVE-2017-2526
CVE-2017-2528
CVE-2017-2530
CVE-2017-2531
CVE-2017-2536
CVE-2017-2539
CVE-2017-2544
CVE-2017-2547
CVE-2017-2549
CVE-2017-6980
CVE-2017-6984
CVE    55
CVE-2016-9643
CVE-2016-9642
CVE-2017-2433
CVE-2017-2470
...
CPE    2
cpe:/a:webkitgtk:webkit2gtk
cpe:/o:alpinelinux:alpine_linux:3.6

© SecPod Technologies