Vulnerabilities > CVE-2018-12294 - Use After Free vulnerability in Webkit Webkitgtk+
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
WebCore/platform/graphics/texmap/TextureMapperLayer.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.2, is vulnerable to a use after free for a WebCore::TextureMapperLayer object.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 6 |
Common Weakness Enumeration (CWE)
Nessus
NASL family | Gentoo Local Security Checks |
NASL id | GENTOO_GLSA-201808-04.NASL |
description | The remote host is affected by the vulnerability described in GLSA-201808-04 (WebkitGTK+: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the referenced CVE identifiers for details. Impact : A remote attacker could execute arbitrary commands or cause a denial of service condition via a maliciously crafted web content. Workaround : There is no known workaround at this time. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 112078 |
published | 2018-08-23 |
reporter | This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/112078 |
title | GLSA-201808-04 : WebkitGTK+: Multiple vulnerabilities |
References
- http://packetstormsecurity.com/files/148200/WebKitGTK-Data-Leak-Code-Execution.html
- http://packetstormsecurity.com/files/148200/WebKitGTK-Data-Leak-Code-Execution.html
- http://www.openwall.com/lists/oss-security/2018/06/14/1
- http://www.openwall.com/lists/oss-security/2018/06/14/1
- http://www.securityfocus.com/archive/1/542087/100/0/threaded
- http://www.securityfocus.com/archive/1/542087/100/0/threaded
- https://bugs.webkit.org/show_bug.cgi?id=184729
- https://bugs.webkit.org/show_bug.cgi?id=184729
- https://security.gentoo.org/glsa/201808-04
- https://security.gentoo.org/glsa/201808-04
- https://trac.webkit.org/changeset/231300/webkit
- https://trac.webkit.org/changeset/231300/webkit