Log

CVE-2017-2365 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Information disclosure
Description
+ A validation issue has been found in variable handling in WebKitGTK+ before 2.14.4, leading to cross-origin data exfiltration while processing maliciously crafted web content.
References
+ https://webkitgtk.org/security/WSA-2017-0002.html
Notes
CVE-2017-2366 created at 25 Sep 2019 19:31:40
Severity
+ Critical
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ Several memory corruption issues have been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content.
References
+ https://webkitgtk.org/security/WSA-2017-0002.html
Notes
CVE-2017-2367 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Same-origin policy bypass
Description
+ An issue has been found in WebKit, allowing remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
References
+ https://webkitgtk.org/security/WSA-2017-0003.html
Notes
CVE-2017-2369 created at 25 Sep 2019 19:31:40
Severity
+ Critical
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ Several memory corruption issues have been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content.
References
+ https://webkitgtk.org/security/WSA-2017-0002.html
Notes
CVE-2017-2371 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Access restriction bypass
Description
+ An issue has been found in the handling of blocking popups in WebKitGTK+ before 2.14.4, allowing a malicious website to open popups.
References
+ https://webkitgtk.org/security/WSA-2017-0002.html
Notes
CVE-2017-2373 created at 25 Sep 2019 19:31:40
Severity
+ Critical
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ Several memory corruption issues have been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content.
References
+ https://webkitgtk.org/security/WSA-2017-0002.html
Notes
CVE-2017-2376 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Content spoofing
Description
+ An issue has been found in WebKit, allowing remote attackers to spoof the address bar by leveraging text input during the loading of a page.
References
+ https://webkitgtk.org/security/WSA-2017-0003.html
Notes
CVE-2017-2377 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ This issue involves the “WebKit Web Inspector” component. It allows attackers to cause a denial of service (memory corruption and application crash) by leveraging a window-close action during a debugger-pause state.
References
+ https://webkitgtk.org/security/WSA-2017-0003.html
Notes
CVE-2017-2386 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Same-origin policy bypass
Description
+ An issue has been found in WebKit, allowing remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
References
+ https://webkitgtk.org/security/WSA-2017-0003.html
Notes
CVE-2017-2392 created at 25 Sep 2019 19:31:40
Severity
+ Critical
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ An issue has been found in WebKit, allowing attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app.
References
+ https://webkitgtk.org/security/WSA-2017-0003.html
Notes