CVSS: 6.5EPSS: 2%CPEs: 2EXPL: 0CVE-2019-11070 – webkitgtk: HTTP proxy setting deanonymization information disclosure
https://notcve.org/view.php?id=CVE-2019-11070
WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization. This issue was corrected by changing the way livestreams are downloaded. WebKitGTK y WPE WebKit en las versiones anteriores a 2.24.1 no aplican correctamente la configuración del proxy HTTP al descargar vídeo en directo (HLS, DASH o Smooth Streaming), lo que provocó un error de desanonimización. Este problema se corrigió cambiando la forma en que se descargan las transmisiones en directo. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00031.html http://packetstormsecurity.com/files/152485/WebKitGTK-WPE-WebKit-URI-Spoofing-Code-Execution.html http://www.openwall.com/lists/oss-security/2019/04/11/1 https://bugs.webkit.org/show_bug.cgi?id=193718 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YO5ZBUWOOXMVZPBYLZRDZF6ZQGBYJERQ https://seclists.org/bugtraq/2019/ • CWE-19: Data Processing Errors CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 9%CPEs: 6EXPL: 2CVE-2019-8375 – WebKitGTK 2.23.90 / WebKitGTK+ 2.22.6 - Denial of Service
https://notcve.org/view.php?id=CVE-2019-8375
The UIProcess subsystem in WebKit, as used in WebKitGTK through 2.23.90 and WebKitGTK+ through 2.22.6 and other products, does not prevent the script dialog size from exceeding the web view size, which allows remote attackers to cause a denial of service (Buffer Overflow) or possibly have unspecified other impact, related to UIProcess/API/gtk/WebKitScriptDialogGtk.cpp, UIProcess/API/gtk/WebKitScriptDialogImpl.cpp, and UIProcess/API/gtk/WebKitWebViewGtk.cpp, as demonstrated by GNOME Web (aka Epiphany). El subsistema UIProcess en WebKit, tal y como se utiliza en WebKitGTK, hasta la versión 2.23.90, y WebKitGTK+, hasta la versión 2.22.6 y otros productos, no evita que el tamaño del diálogo del script sobrepase el tamaño de la vista web, lo que permite que los atacantes remotos provoquen una denegación de servicio (desbordamiento de búfer) o, posiblemente, otro tipo de impacto sin especificar. Esto está relacionado con UIProcess/API/gtk/WebKitScriptDialogGtk.cpp, UIProcess/API/gtk/WebKitScriptDialogImpl.cpp y UIProcess/API/gtk/WebKitWebViewGtk.cpp, tal y como queda demostrado por GNOME Web (también conocido como Epiphany). • https://www.exploit-db.com/exploits/46465 http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00058.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00005.html https://bugs.webkit.org/show_bug.cgi?id=184875 https://github.com/WebKit/webkit/commit/6f9b511a115311b13c06eb58038ddc2c78da5531 https://trac.webkit.org/changeset/241515/webkit https://usn.ubuntu.com/3948-1 https://www.inputzero.io/2019/02/fuzzing-webkit.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 2%CPEs: 7EXPL: 0CVE-2019-6234 – Apple Safari CSSFontFace Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-6234
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un problema de corrupción de memoria con la mejora de la gestión de memoria. Este problema se ha resuelto en iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 para Windows y iCloud para Windows 7.10. • http://www.securityfocus.com/bid/106691 https://security.gentoo.org/glsa/201903-12 https://support.apple.com/HT209443 https://support.apple.com/HT209447 https://support.apple.com/HT209449 https://support.apple.com/HT209450 https://support.apple.com/HT209451 • CWE-787: Out-of-bounds Write •
CVSS: 8.1EPSS: 1%CPEs: 10EXPL: 1CVE-2019-6251 – webkitgtk: processing maliciously crafted web content lead to URI spoofing
https://notcve.org/view.php?id=CVE-2019-6251
WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. WebKitGTK y WPE WebKit versiones anteriores a 2.24.1 permite la suplantación de la barra de direcciones en determinadas redirecciones de JavaScript. Un atacante puede hacer que el contenido web malicioso se muestre como si se tratara de una URL de confianza. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00031.html http://packetstormsecurity.com/files/152485/WebKitGTK-WPE-WebKit-URI-Spoofing-Code-Execution.html http://www.openwall.com/lists/oss-security/2019/04/11/1 https://bugs.webkit.org/show_bug.cgi?id=194208 https://gitlab.gnome.org/GNOME/epiphany/issues/532 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSCDI3 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2018-4207
https://notcve.org/view.php?id=CVE-2018-4207
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. En iOS en versiones anteriores a la 11.3, Safari en versiones anteriores a la 11.1, iCloud para Windows en versiones anteriores a la 7.4, tvOS en versiones anteriores a la 11.3, watchOS en versiones anteriores a la 4.3 e iTunes en versiones anteriores a la 12.7.4 para Windows, una interacción inesperada provoca un fallo ASSERT. Este problema se abordó mediante la mejora de las comprobaciones. • https://security.gentoo.org/glsa/201812-04 https://support.apple.com/HT208693%2C https://support.apple.com/HT208694 https://support.apple.com/HT208695%2C https://support.apple.com/HT208696%2C https://support.apple.com/HT208697%2C https://support.apple.com/HT208698%2C https://usn.ubuntu.com/3781-1 • CWE-20: Improper Input Validation •