Vulnerabilities > CVE-2018-4306 - Use After Free vulnerability in Apple products

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

apple

CWE-416

nessus

exploit available

NVD

Published: 2019-04-03

Updated: 2019-04-04

Summary

A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.

Vulnerable Configurations

Part	Description	Count
OS	Apple Apple Iphone OS - Apple Iphone OS 1.0.0 Apple Iphone OS 1.0.1 Apple Iphone OS 1.0.2 Apple Iphone OS 1.1.0 Apple Iphone OS 1.1.1 Apple Iphone OS 1.1.2 Apple Iphone OS 1.1.3 Apple Iphone OS 1.1.4 Apple Iphone OS 1.1.5 Apple Iphone OS 2.0 Apple Iphone OS 2.0.0 Apple Iphone OS 2.0.1 Apple Iphone OS 2.0.2 Apple Iphone OS 2.1 Apple Iphone OS 2.1.1 Apple Iphone OS 2.2 Apple Iphone OS 2.2.1 Apple Iphone OS 3.0 Apple Iphone OS 3.0.1 Apple Iphone OS 3.1 Apple Iphone OS 3.1.1 Apple Iphone OS 3.1.2 Apple Iphone OS 3.1.3 Apple Iphone OS 3.2 Apple Iphone OS 3.2.1 Apple Iphone OS 3.2.2 Apple Iphone OS 4.0 Apple Iphone OS 4.0.1 Apple Iphone OS 4.0.2 Apple Iphone OS 4.1 Apple Iphone OS 4.2 Apple Iphone OS 4.2.1 Apple Iphone OS 4.2.5 Apple Iphone OS 4.2.6 Apple Iphone OS 4.2.7 Apple Iphone OS 4.2.8 Apple Iphone OS 4.2.9 Apple Iphone OS 4.2.10 Apple Iphone OS 4.3.0 Apple Iphone OS 4.3.1 Apple Iphone OS 4.3.2 Apple Iphone OS 4.3.3 Apple Iphone OS 4.3.4 Apple Iphone OS 4.3.5 Apple Iphone OS 5.0 Apple Iphone OS 5.0.1 Apple Iphone OS 5.1 Apple Iphone OS 5.1.1 Apple Iphone OS 6.0 Apple Iphone OS 6.0.1 Apple Iphone OS 6.0.2 Apple Iphone OS 6.1 Apple Iphone OS 6.1.2 Apple Iphone OS 6.1.3 Apple Iphone OS 6.1.4 Apple Iphone OS 6.1.5 Apple Iphone OS 6.1.6 Apple Iphone OS 7.0 Apple Iphone OS 7.0.1 Apple Iphone OS 7.0.2 Apple Iphone OS 7.0.3 Apple Iphone OS 7.0.4 Apple Iphone OS 7.0.5 Apple Iphone OS 7.0.6 Apple Iphone OS 7.1 Apple Iphone OS 7.1.1 Apple Iphone OS 7.1.2 Apple Iphone OS 8.0 Apple Iphone OS 8.0.1 Apple Iphone OS 8.0.2 Apple Iphone OS 8.1 Apple Iphone OS 8.1.1 Apple Iphone OS 8.1.2 Apple Iphone OS 8.1.3 Apple Iphone OS 8.2 Apple Iphone OS 8.3 Apple Iphone OS 8.4 Apple Iphone OS 8.4.1 Apple Iphone OS 9.0 Apple Iphone OS 9.0.1 Apple Iphone OS 9.0.2 Apple Iphone OS 9.1 Apple Iphone OS 9.2 Apple Iphone OS 9.2.1 Apple Iphone OS 9.3 Apple Iphone OS 9.3.1 Apple Iphone OS 9.3.2 Apple Iphone OS 9.3.3 Apple Iphone OS 9.3.4 Apple Iphone OS 9.3.5 Apple Iphone OS 9.3.6 Apple Iphone OS 10.0 Apple Iphone OS 10.0.1 Apple Iphone OS 10.0.2 Apple Iphone OS 10.0.3 Apple Iphone OS 10.1 Apple Iphone OS 10.1.1 Apple Iphone OS 10.2 Apple Iphone OS 10.2.1 Apple Iphone OS 10.3 Apple Iphone OS 10.3.1 Apple Iphone OS 10.3.2 Apple Iphone OS 10.3.3 Apple Iphone OS 10.3.4 Apple Iphone OS 11 Apple Iphone OS 11.0 Apple Iphone OS 11.0.1 Apple Iphone OS 11.0.2 Apple Iphone OS 11.0.3 Apple Iphone OS 11.1 Apple Iphone OS 11.1.1 Apple Iphone OS 11.1.2 Apple Iphone OS 11.2 Apple Iphone OS 11.2.1 Apple Iphone OS 11.2.2 Apple Iphone OS 11.2.5 Apple Iphone OS 11.2.6 Apple Iphone OS 11.3 Apple Iphone OS 11.3.1 Apple Iphone OS 11.4 Apple Iphone OS 11.4.1 Apple Tvos - Apple Tvos 1.0.0 Apple Tvos 1.1.0 Apple Tvos 2.0.0 Apple Tvos 2.0.1 Apple Tvos 2.0.2 Apple Tvos 2.1.0 Apple Tvos 2.2.0 Apple Tvos 2.3.0 Apple Tvos 2.3.1 Apple Tvos 2.4.0 Apple Tvos 3.0.0 Apple Tvos 3.0.1 Apple Tvos 3.0.2 Apple Tvos 4.1.0 Apple Tvos 4.1.1 Apple Tvos 4.2.0 Apple Tvos 4.2.1 Apple Tvos 4.2.2 Apple Tvos 4.3.0 Apple Tvos 4.4.0 Apple Tvos 4.4.2 Apple Tvos 4.4.3 Apple Tvos 4.4.4 Apple Tvos 5.0.0 Apple Tvos 5.0.1 Apple Tvos 5.0.2 Apple Tvos 5.1.0 Apple Tvos 5.1.1 Apple Tvos 5.2.0 Apple Tvos 6.0 Apple Tvos 6.0.1 Apple Tvos 6.0.2 Apple Tvos 6.1 Apple Tvos 6.1.1 Apple Tvos 6.1.2 Apple Tvos 6.2 Apple Tvos 6.2.1 Apple Tvos 7.0 Apple Tvos 7.0.1 Apple Tvos 7.0.2 Apple Tvos 7.0.3 Apple Tvos 7.1 Apple Tvos 9.0 Apple Tvos 9.0.1 Apple Tvos 9.1 Apple Tvos 9.1.1 Apple Tvos 9.2 Apple Tvos 9.2.1 Apple Tvos 9.2.2 Apple Tvos 10.0 Apple Tvos 10.0.1 Apple Tvos 10.1 Apple Tvos 10.1.1 Apple Tvos 10.2 Apple Tvos 10.2.1 Apple Tvos 10.2.2 Apple Tvos 10.3 Apple Tvos 11 Apple Tvos 11.0 Apple Tvos 11.1 Apple Tvos 11.2 Apple Tvos 11.2.1 Apple Tvos 11.2.6 Apple Tvos 11.3 Apple Tvos 11.4.1	244
OS	Microsoft Microsoft Windows -	1
Application	Apple Apple Safari - Apple Safari 1.0 Apple Safari 1.0.0 Apple Safari 1.0.0B1 Apple Safari 1.0.0B2 Apple Safari 1.0.1 Apple Safari 1.0.2 Apple Safari 1.0.3 Apple Safari 1.0B1 Apple Safari 1.1 Apple Safari 1.1.0 Apple Safari 1.1.1 Apple Safari 1.2 Apple Safari 1.2.0 Apple Safari 1.2.1 Apple Safari 1.2.2 Apple Safari 1.2.3 Apple Safari 1.2.4 Apple Safari 1.2.5 Apple Safari 1.3 Apple Safari 1.3.0 Apple Safari 1.3.1 Apple Safari 1.3.2 Apple Safari 2 Apple Safari 2.0 Apple Safari 2.0.0 Apple Safari 2.0.1 Apple Safari 2.0.2 Apple Safari 2.0.3 Apple Safari 2.0.4 Apple Safari 3 Apple Safari 3.0 Apple Safari 3.0.0 Apple Safari 3.0.0B Apple Safari 3.0.1 Apple Safari 3.0.1B Apple Safari 3.0.2 Apple Safari 3.0.2B Apple Safari 3.0.3 Apple Safari 3.0.3B Apple Safari 3.0.4 Apple Safari 3.0.4B Apple Safari 3.0.5 Apple Safari 3.1.0 Apple Safari 3.1.0B Apple Safari 3.1.1 Apple Safari 3.1.1B Apple Safari 3.1.2 Apple Safari 3.1.2B Apple Safari 3.2.0 Apple Safari 3.2.0B Apple Safari 3.2.1 Apple Safari 3.2.1B Apple Safari 3.2.2 Apple Safari 3.2.2B Apple Safari 4.0 Apple Safari 4.0.0B Apple Safari 4.0.1 Apple Safari 4.0.2 Apple Safari 4.0.3 Apple Safari 4.0.4 Apple Safari 4.0.5 Apple Safari 4.1 Apple Safari 4.1.1 Apple Safari 4.1.2 Apple Safari 4.1.3 Apple Safari 5.0 Apple Safari 5.0.1 Apple Safari 5.0.2 Apple Safari 5.0.3 Apple Safari 5.0.4 Apple Safari 5.0.5 Apple Safari 5.0.6 Apple Safari 5.1 Apple Safari 5.1.1 Apple Safari 5.1.2 Apple Safari 5.1.3 Apple Safari 5.1.4 Apple Safari 5.1.5 Apple Safari 5.1.6 Apple Safari 5.1.7 Apple Safari 6.0 Apple Safari 6.0.1 Apple Safari 6.0.2 Apple Safari 6.0.3 Apple Safari 6.0.4 Apple Safari 6.0.5 Apple Safari 6.1 Apple Safari 6.1.1 Apple Safari 6.1.2 Apple Safari 6.1.3 Apple Safari 6.1.4 Apple Safari 6.1.5 Apple Safari 6.2.1 Apple Safari 6.2.4 Apple Safari 6.2.5 Apple Safari 6.2.6 Apple Safari 6.2.8 Apple Safari 7.0 Apple Safari 7.0.1 Apple Safari 7.0.2 Apple Safari 7.0.3 Apple Safari 7.0.4 Apple Safari 7.0.5 Apple Safari 7.1 Apple Safari 7.1.1 Apple Safari 7.1.4 Apple Safari 7.1.5 Apple Safari 7.1.6 Apple Safari 7.1.8 Apple Safari 8.0 Apple Safari 8.0.1 Apple Safari 8.0.4 Apple Safari 8.0.5 Apple Safari 8.0.6 Apple Safari 8.0.8 Apple Safari 9.0.1 Apple Safari 9.0.2 Apple Safari 9.0.3 Apple Safari 9.1 Apple Safari 9.1.1 Apple Safari 9.1.3 Apple Safari 10.0.0 Apple Safari 10.0.1 Apple Safari 10.0.2 Apple Safari 10.0.3 Apple Safari 10.1 Apple Safari 10.1.1 Apple Safari 10.1.2 Apple Safari 11.0 Apple Safari 11.0.1 Apple Safari 11.0.2 Apple Safari 11.0.3 Apple Safari 11.1 Apple Safari 11.1.1 Apple Safari 11.1.2 Apple Icloud - Apple Icloud 5.2 Apple Icloud 5.2.1 Apple Icloud 6.0 Apple Icloud 6.0.1 Apple Icloud 6.1 Apple Icloud 6.1.1 Apple Icloud 6.2 Apple Icloud 6.2.2 Apple Icloud 7.0 Apple Icloud 7.1 Apple Icloud 7.2 Apple Icloud 7.3 Apple Icloud 7.4 Apple Icloud 7.5 Apple Icloud 7.6 Apple Itunes - Apple Itunes 4.0.0 Apple Itunes 4.0.1 Apple Itunes 4.1.0 Apple Itunes 4.2.0 Apple Itunes 4.5 Apple Itunes 4.5.0 Apple Itunes 4.6 Apple Itunes 4.6.0 Apple Itunes 4.7 Apple Itunes 4.7.0 Apple Itunes 4.7.1 Apple Itunes 4.7.2 Apple Itunes 4.8.0 Apple Itunes 4.9.0 Apple Itunes 5.0 Apple Itunes 5.0.0 Apple Itunes 5.0.1 Apple Itunes 6.0.0 Apple Itunes 6.0.1 Apple Itunes 6.0.2 Apple Itunes 6.0.3 Apple Itunes 6.0.4 Apple Itunes 6.0.5 Apple Itunes 7.0.0 Apple Itunes 7.0.1 Apple Itunes 7.0.2 Apple Itunes 7.1.0 Apple Itunes 7.1.1 Apple Itunes 7.2.0 Apple Itunes 7.3.0 Apple Itunes 7.3.1 Apple Itunes 7.3.2 Apple Itunes 7.4 Apple Itunes 7.4.0 Apple Itunes 7.4.1 Apple Itunes 7.4.2 Apple Itunes 7.4.3 Apple Itunes 7.5 Apple Itunes 7.5.0 Apple Itunes 7.6 Apple Itunes 7.6.0 Apple Itunes 7.6.1 Apple Itunes 7.6.2 Apple Itunes 7.7 Apple Itunes 7.7.0 Apple Itunes 7.7.1 Apple Itunes 8.0.0 Apple Itunes 8.0.1 Apple Itunes 8.1 Apple Itunes 9.0.0 Apple Itunes 9.0.1 Apple Itunes 9.0.2 Apple Itunes 9.0.3 Apple Itunes 9.1 Apple Itunes 9.1.1 Apple Itunes 9.2 Apple Itunes 9.2.1 Apple Itunes 10.0 Apple Itunes 10.0.1 Apple Itunes 10.1 Apple Itunes 10.1.1 Apple Itunes 10.1.1.4 Apple Itunes 10.1.2 Apple Itunes 10.2 Apple Itunes 10.2.2.12 Apple Itunes 10.3 Apple Itunes 10.3.1 Apple Itunes 10.4 Apple Itunes 10.4.0.80 Apple Itunes 10.4.1 Apple Itunes 10.4.1.10 Apple Itunes 10.5 Apple Itunes 10.5.1 Apple Itunes 10.5.1.42 Apple Itunes 10.5.2 Apple Itunes 10.5.3 Apple Itunes 10.6 Apple Itunes 10.6.1 Apple Itunes 10.6.3 Apple Itunes 10.7 Apple Itunes 11.0 Apple Itunes 11.0.1 Apple Itunes 11.0.2 Apple Itunes 11.0.3 Apple Itunes 11.0.4 Apple Itunes 11.0.5 Apple Itunes 11.1 Apple Itunes 11.1.1 Apple Itunes 11.1.2 Apple Itunes 11.1.3 Apple Itunes 11.1.4 Apple Itunes 11.1.5 Apple Itunes 11.2 Apple Itunes 11.2.1 Apple Itunes 12.0 Apple Itunes 12.0.0 Apple Itunes 12.0.1 Apple Itunes 12.0.4 Apple Itunes 12.1 Apple Itunes 12.1.1 Apple Itunes 12.1.2 Apple Itunes 12.1.3 Apple Itunes 12.2 Apple Itunes 12.2.1 Apple Itunes 12.2.2 Apple Itunes 12.3 Apple Itunes 12.3.0 Apple Itunes 12.3.1 Apple Itunes 12.4 Apple Itunes 12.4.1 Apple Itunes 12.4.2 Apple Itunes 12.4.3 Apple Itunes 12.5 Apple Itunes 12.5.0 Apple Itunes 12.5.1 Apple Itunes 12.5.2 Apple Itunes 12.5.3 Apple Itunes 12.5.4 Apple Itunes 12.5.5 Apple Itunes 12.5.5.5 Apple Itunes 12.6 Apple Itunes 12.6.1 Apple Itunes 12.6.2 Apple Itunes 12.6.3 Apple Itunes 12.7 Apple Itunes 12.7.1 Apple Itunes 12.7.2 Apple Itunes 12.7.3 Apple Itunes 12.7.4 Apple Itunes 12.7.5 Apple Itunes 12.8	411

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

Exploit-Db

description	WebKit - 'WebCore::Node::ensureRareData' Use-After-Free. CVE-2018-4306. Dos exploit for Multiple platform. Tags: Use After Free (UAF)
id	EDB-ID:45482
last seen	2018-10-07
modified	2018-09-25
published	2018-09-25
reporter	Exploit-DB
source	https://www.exploit-db.com/download/45482/
title	WebKit - 'WebCore::Node::ensureRareData' Use-After-Free

Nessus

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2019-68.NASL
description	This update for webkit2gtk3 to version 2.22.4 fixes the following issues : Security issues fixed : CVE-2018-4191, CVE-2018-4197, CVE-2018-4299, CVE-2018-4306, CVE-2018-4309, CVE-2018-4392, CVE-2018-4312, CVE-2018-4314, CVE-2018-4315, CVE-2018-4316, CVE-2018-4317, CVE-2018-4318, CVE-2018-4319, CVE-2018-4323, CVE-2018-4328, CVE-2018-4358, CVE-2018-4359, CVE-2018-4361, CVE-2018-4345, CVE-2018-4372, CVE-2018-4373, CVE-2018-4375, CVE-2018-4376, CVE-2018-4416, CVE-2018-4378, CVE-2018-4382, CVE-2018-4386 (bsc#1110279, bsc#1116998). This update was imported from the SUSE:SLE-12-SP2:Update update project.
last seen	2020-06-01
modified	2020-06-02
plugin id	121291
published	2019-01-22
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/121291
title	openSUSE Security Update : webkit2gtk3 (openSUSE-2019-68)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2019-68. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(121291); script_version("1.2"); script_cvs_date("Date: 2019/04/30 14:30:16"); script_cve_id("CVE-2018-4191", "CVE-2018-4197", "CVE-2018-4207", "CVE-2018-4208", "CVE-2018-4209", "CVE-2018-4210", "CVE-2018-4212", "CVE-2018-4213", "CVE-2018-4261", "CVE-2018-4262", "CVE-2018-4263", "CVE-2018-4264", "CVE-2018-4265", "CVE-2018-4266", "CVE-2018-4267", "CVE-2018-4270", "CVE-2018-4272", "CVE-2018-4273", "CVE-2018-4278", "CVE-2018-4284", "CVE-2018-4299", "CVE-2018-4306", "CVE-2018-4309", "CVE-2018-4312", "CVE-2018-4314", "CVE-2018-4315", "CVE-2018-4316", "CVE-2018-4317", "CVE-2018-4318", "CVE-2018-4319", "CVE-2018-4323", "CVE-2018-4328", "CVE-2018-4345", "CVE-2018-4358", "CVE-2018-4359", "CVE-2018-4361", "CVE-2018-4372", "CVE-2018-4373", "CVE-2018-4375", "CVE-2018-4376", "CVE-2018-4378", "CVE-2018-4382", "CVE-2018-4386", "CVE-2018-4392", "CVE-2018-4416"); script_name(english:"openSUSE Security Update : webkit2gtk3 (openSUSE-2019-68)"); script_summary(english:"Check for the openSUSE-2019-68 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update for webkit2gtk3 to version 2.22.4 fixes the following issues : Security issues fixed : CVE-2018-4191, CVE-2018-4197, CVE-2018-4299, CVE-2018-4306, CVE-2018-4309, CVE-2018-4392, CVE-2018-4312, CVE-2018-4314, CVE-2018-4315, CVE-2018-4316, CVE-2018-4317, CVE-2018-4318, CVE-2018-4319, CVE-2018-4323, CVE-2018-4328, CVE-2018-4358, CVE-2018-4359, CVE-2018-4361, CVE-2018-4345, CVE-2018-4372, CVE-2018-4373, CVE-2018-4375, CVE-2018-4376, CVE-2018-4416, CVE-2018-4378, CVE-2018-4382, CVE-2018-4386 (bsc#1110279, bsc#1116998). This update was imported from the SUSE:SLE-12-SP2:Update update project." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1110279" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1116998" ); script_set_attribute( attribute:"solution", value:"Update the affected webkit2gtk3 packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libwebkit2gtk3-lang"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:typelib-1_0-JavaScriptCore-4_0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2-4_0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2WebExtension-4_0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:webkit-jsc-4"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:webkit-jsc-4-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:webkit2gtk3-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:webkit2gtk3-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:webkit2gtk3-plugin-process-gtk2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:webkit2gtk3-plugin-process-gtk2-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.3"); script_set_attribute(attribute:"patch_publication_date", value:"2019/01/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/01/22"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release =~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE42\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.3", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586\|i686\|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE42.3", reference:"libjavascriptcoregtk-4_0-18-2.22.4-15.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"libjavascriptcoregtk-4_0-18-debuginfo-2.22.4-15.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"libwebkit2gtk-4_0-37-2.22.4-15.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"libwebkit2gtk-4_0-37-debuginfo-2.22.4-15.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"libwebkit2gtk3-lang-2.22.4-15.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"typelib-1_0-JavaScriptCore-4_0-2.22.4-15.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"typelib-1_0-WebKit2-4_0-2.22.4-15.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"typelib-1_0-WebKit2WebExtension-4_0-2.22.4-15.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"webkit-jsc-4-2.22.4-15.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"webkit-jsc-4-debuginfo-2.22.4-15.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"webkit2gtk-4_0-injected-bundles-2.22.4-15.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"webkit2gtk-4_0-injected-bundles-debuginfo-2.22.4-15.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"webkit2gtk3-debugsource-2.22.4-15.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"webkit2gtk3-devel-2.22.4-15.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"webkit2gtk3-minibrowser-2.22.4-15.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"webkit2gtk3-minibrowser-debuginfo-2.22.4-15.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"webkit2gtk3-plugin-process-gtk2-2.22.4-15.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"webkit2gtk3-plugin-process-gtk2-debuginfo-2.22.4-15.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libjavascriptcoregtk-4_0-18-32bit-2.22.4-15.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libjavascriptcoregtk-4_0-18-debuginfo-32bit-2.22.4-15.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libwebkit2gtk-4_0-37-32bit-2.22.4-15.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libwebkit2gtk-4_0-37-debuginfo-32bit-2.22.4-15.1") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libjavascriptcoregtk-4_0-18 / libjavascriptcoregtk-4_0-18-32bit / etc"); }

NASL family	Ubuntu Local Security Checks
NASL id	UBUNTU_USN-3781-1.NASL
description	A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	117914
published	2018-10-04
reporter	Ubuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/117914
title	Ubuntu 18.04 LTS : webkit2gtk vulnerabilities (USN-3781-1)

NASL family	MacOS X Local Security Checks
NASL id	MACOSX_SAFARI12.NASL
description	The version of Apple Safari installed on the remote macOS or Mac OS X host is prior to 12. It is, therefore, affected by multiple vulnerabilities.
last seen	2020-06-01
modified	2020-06-02
plugin id	117617
published	2018-09-20
reporter	This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/117617
title	macOS : Apple Safari < 12 Multiple Vulnerabilities

NASL family	Windows
NASL id	ITUNES_12_9.NASL
description	The version of Apple iTunes installed on the remote Windows host is prior to 12.9. It is, therefore, affected by multiple vulnerabilities as referenced in the HT209140 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application
last seen	2020-06-01
modified	2020-06-02
plugin id	117880
published	2018-10-02
reporter	This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/117880
title	Apple iTunes < 12.9 Multiple Vulnerabilities (credentialed check)

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2019-0092-1.NASL
description	This update for webkit2gtk3 to version 2.22.5 fixes the following issues : Security issues fixed : CVE-2018-4372, CVE-2018-4345, CVE-2018-4386, CVE-2018-4375, CVE-2018-4376, CVE-2018-4378, CVE-2018-4382, CVE-2018-4392, CVE-2018-4416, CVE-2018-4191, CVE-2018-4197, CVE-2018-4299, CVE-2018-4306, CVE-2018-4309, CVE-2018-4312, CVE-2018-4314, CVE-2018-4315, CVE-2018-4316, CVE-2018-4317, CVE-2018-4318, CVE-2018-4319, CVE-2018-4323, CVE-2018-4328, CVE-2018-4358, CVE-2018-4359, CVE-2018-4361, CVE-2018-4373, CVE-2018-4162, CVE-2018-4163, CVE-2018-4165, CVE-2018-11713, CVE-2018-4207, CVE-2018-4208, CVE-2018-4209, CVE-2018-4210, CVE-2018-4212, CVE-2018-4213, CVE-2018-4437, CVE-2018-4438, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4464 (bsc#1119558, bsc#1116998, bsc#1110279) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	121206
published	2019-01-16
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/121206
title	SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2019:0092-1)

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2019-81.NASL
description	This update for webkit2gtk3 to version 2.22.5 fixes the following issues : Security issues fixed : - CVE-2018-4372, CVE-2018-4345, CVE-2018-4386, CVE-2018-4375, CVE-2018-4376, CVE-2018-4378, CVE-2018-4382, CVE-2018-4392, CVE-2018-4416, CVE-2018-4191, CVE-2018-4197, CVE-2018-4299, CVE-2018-4306, CVE-2018-4309, CVE-2018-4312, CVE-2018-4314, CVE-2018-4315, CVE-2018-4316, CVE-2018-4317, CVE-2018-4318, CVE-2018-4319, CVE-2018-4323, CVE-2018-4328, CVE-2018-4358, CVE-2018-4359, CVE-2018-4361, CVE-2018-4373, CVE-2018-4162, CVE-2018-4163, CVE-2018-4165, CVE-2018-11713, CVE-2018-4207, CVE-2018-4208, CVE-2018-4209, CVE-2018-4210, CVE-2018-4212, CVE-2018-4213, CVE-2018-4437, CVE-2018-4438, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4464 (bsc#1119558, bsc#1116998, bsc#1110279) This update was imported from the SUSE:SLE-15:Update update project.
last seen	2020-06-01
modified	2020-06-02
plugin id	121339
published	2019-01-24
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/121339
title	openSUSE Security Update : webkit2gtk3 (openSUSE-2019-81)

NASL family	Peer-To-Peer File Sharing
NASL id	ITUNES_12_9_BANNER.NASL
description	The version of Apple iTunes installed on the remote Windows host is prior to 12.9. It is, therefore, affected by multiple vulnerabilities in WebKit as referenced in the HT209140 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application
last seen	2020-06-01
modified	2020-06-02
plugin id	117879
published	2018-10-02
reporter	This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/117879
title	Apple iTunes < 12.9 Multiple Vulnerabilities (uncredentialed check)

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2019-0059-1.NASL
description	This update for webkit2gtk3 to version 2.22.4 fixes the following issues : Security issues fixed : CVE-2018-4191, CVE-2018-4197, CVE-2018-4299, CVE-2018-4306, CVE-2018-4309, CVE-2018-4392, CVE-2018-4312, CVE-2018-4314, CVE-2018-4315, CVE-2018-4316, CVE-2018-4317, CVE-2018-4318, CVE-2018-4319, CVE-2018-4323, CVE-2018-4328, CVE-2018-4358, CVE-2018-4359, CVE-2018-4361, CVE-2018-4345, CVE-2018-4372, CVE-2018-4373, CVE-2018-4375, CVE-2018-4376, CVE-2018-4416, CVE-2018-4378, CVE-2018-4382, CVE-2018-4386 (bsc#1110279, bsc#1116998). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	121093
published	2019-01-11
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/121093
title	SUSE SLED12 / SLES12 Security Update : webkit2gtk3 (SUSE-SU-2019:0059-1)

NASL family	Gentoo Local Security Checks
NASL id	GENTOO_GLSA-201812-04.NASL
description	The remote host is affected by the vulnerability described in GLSA-201812-04 (WebkitGTK+: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the referenced CVE identifiers for details. Impact : A remote attacker could execute arbitrary commands or cause a Denial of Service condition via maliciously crafted web content. Workaround : There is no known workaround at this time.
last seen	2020-06-01
modified	2020-06-02
plugin id	119323
published	2018-12-03
reporter	This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/119323
title	GLSA-201812-04 : WebkitGTK+: Multiple vulnerabilities

Packetstorm

data source	https://packetstormsecurity.com/files/download/149551/GS20180925230830.txt
id	PACKETSTORM:149551
last seen	2018-09-26
published	2018-09-25
reporter	Ivan Fratric
source	https://packetstormsecurity.com/files/149551/WebKit-WebCore-Node-ensureRareData-Use-After-Free.html
title	WebKit WebCore::Node::ensureRareData Use-After-Free

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Exploit-Db

Nessus

Packetstorm

References