Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
Test ID: | 1.3.6.1.4.1.25623.1.0.704515 |
Category: | Debian Local Security Checks |
Title: | Debian Security Advisory DSA 4515-1 (webkit2gtk - security update) |
Summary: | The remote host is missing an update for the 'webkit2gtk'; package(s) announced via the DSA-4515-1 advisory. |
Description: | Summary: The remote host is missing an update for the 'webkit2gtk' package(s) announced via the DSA-4515-1 advisory. Vulnerability Insight: Several vulnerabilities have been discovered in the webkit2gtk web engine: CVE-2019-8644 G. Geshev discovered memory corruption issues that can lead to arbitrary code execution. CVE-2019-8649 Sergei Glazunov discovered an issue that may lead to universal cross site scripting. CVE-2019-8658 akayn discovered an issue that may lead to universal cross site scripting. CVE-2019-8666 Zongming Wang and Zhe Jin discovered memory corruption issues that can lead to arbitrary code execution. CVE-2019-8669 akayn discovered memory corruption issues that can lead to arbitrary code execution. CVE-2019-8671 Apple discovered memory corruption issues that can lead to arbitrary code execution. CVE-2019-8672 Samuel Gross discovered memory corruption issues that can lead to arbitrary code execution. CVE-2019-8673 Soyeon Park and Wen Xu discovered memory corruption issues that can lead to arbitrary code execution. CVE-2019-8676 Soyeon Park and Wen Xu discovered memory corruption issues that can lead to arbitrary code execution. CVE-2019-8677 Jihui Lu discovered memory corruption issues that can lead to arbitrary code execution. CVE-2019-8678 An anonymous researcher, Anthony Lai, Ken Wong, Jeonghoon Shin, Johnny Yu, Chris Chan, Phil Mok, Alan Ho, and Byron Wai discovered memory corruption issues that can lead to arbitrary code execution. CVE-2019-8679 Jihui Lu discovered memory corruption issues that can lead to arbitrary code execution. CVE-2019-8680 Jihui Lu discovered memory corruption issues that can lead to arbitrary code execution. CVE-2019-8681 G. Geshev discovered memory corruption issues that can lead to arbitrary code execution. CVE-2019-8683 lokihardt discovered memory corruption issues that can lead to arbitrary code execution. CVE-2019-8684 lokihardt discovered memory corruption issues that can lead to arbitrary code execution. CVE-2019-8686 G. Geshev discovered memory corruption issues that can lead to arbitrary code execution. CVE-2019-8687 Apple discovered memory corruption issues that can lead to arbitrary code execution. CVE-2019-8688 Insu Yun discovered memory corruption issues that can lead to arbitrary code execution. CVE-2019-8689 lokihardt discovered memory corruption issues that can lead to arbitrary code execution. CVE-2019-8690 Sergei Glazunov discovered an issue that may lead to universal cross site scripting. You can see more details on the WebKitGTK and WPE WebKit Security Advisory WSA-2019-0004. Affected Software/OS: 'webkit2gtk' package(s) on Debian Linux. Solution: For the stable distribution (buster), these problems have been fixed in version 2.24.4-1~ deb10u1. We recommend that you upgrade your webkit2gtk packages. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C |
Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2019-8644 https://support.apple.com/HT210346 https://support.apple.com/HT210348 https://support.apple.com/HT210351 https://support.apple.com/HT210355 https://support.apple.com/HT210356 https://support.apple.com/HT210357 https://support.apple.com/HT210358 Common Vulnerability Exposure (CVE) ID: CVE-2019-8649 Common Vulnerability Exposure (CVE) ID: CVE-2019-8658 https://support.apple.com/HT210353 Common Vulnerability Exposure (CVE) ID: CVE-2019-8666 Common Vulnerability Exposure (CVE) ID: CVE-2019-8669 Common Vulnerability Exposure (CVE) ID: CVE-2019-8671 Common Vulnerability Exposure (CVE) ID: CVE-2019-8672 Common Vulnerability Exposure (CVE) ID: CVE-2019-8673 Common Vulnerability Exposure (CVE) ID: CVE-2019-8676 Common Vulnerability Exposure (CVE) ID: CVE-2019-8677 Common Vulnerability Exposure (CVE) ID: CVE-2019-8678 Common Vulnerability Exposure (CVE) ID: CVE-2019-8679 Common Vulnerability Exposure (CVE) ID: CVE-2019-8680 Common Vulnerability Exposure (CVE) ID: CVE-2019-8681 Common Vulnerability Exposure (CVE) ID: CVE-2019-8683 Common Vulnerability Exposure (CVE) ID: CVE-2019-8684 Common Vulnerability Exposure (CVE) ID: CVE-2019-8686 Common Vulnerability Exposure (CVE) ID: CVE-2019-8687 Common Vulnerability Exposure (CVE) ID: CVE-2019-8688 Common Vulnerability Exposure (CVE) ID: CVE-2019-8689 Common Vulnerability Exposure (CVE) ID: CVE-2019-8690 |
Copyright | Copyright (C) 2019 Greenbone Networks GmbH |
This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |