Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2019.0497.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2019:0497-1)
Summary:The remote host is missing an update for the 'webkit2gtk3' package(s) announced via the SUSE-SU-2019:0497-1 advisory.
Description:Summary:
The remote host is missing an update for the 'webkit2gtk3' package(s) announced via the SUSE-SU-2019:0497-1 advisory.

Vulnerability Insight:
This update for webkit2gtk3 to version 2.22.6 fixes the following issues
(boo#1124937 boo#1119558):

Security vulnerabilities fixed:
CVE-2018-4437: Processing maliciously crafted web content may lead to
arbitrary code execution. Multiple memory corruption issues were
addressed with improved memory handling. (boo#1119553)

CVE-2018-4438: Processing maliciously crafted web content may lead to
arbitrary code execution. A logic issue existed resulting in memory
corruption. This was addressed with improved state management.
(boo#1119554)

CVE-2018-4441: Processing maliciously crafted web content may lead to
arbitrary code execution. A memory corruption issue was addressed with
improved memory handling. (boo#1119555)

CVE-2018-4442: Processing maliciously crafted web content may lead to
arbitrary code execution. A memory corruption issue was addressed with
improved memory handling. (boo#1119556)

CVE-2018-4443: Processing maliciously crafted web content may lead to
arbitrary code execution. A memory corruption issue was addressed with
improved memory handling. (boo#1119557)

CVE-2018-4464: Processing maliciously crafted web content may lead to
arbitrary code execution. Multiple memory corruption issues were
addressed with improved memory handling. (boo#1119558)

CVE-2019-6212: Processing maliciously crafted web content may lead to
arbitrary code execution. Multiple memory corruption issues were
addressed with improved memory handling.

CVE-2019-6215: Processing maliciously crafted web content may lead to
arbitrary code execution. A type confusion issue was addressed with
improved memory handling.

CVE-2019-6216: Processing maliciously crafted web content may lead to
arbitrary code execution. Multiple memory corruption issues were
addressed with improved memory handling.

CVE-2019-6217: Processing maliciously crafted web content may lead to
arbitrary code execution. Multiple memory corruption issues were
addressed with improved memory handling.

CVE-2019-6226: Processing maliciously crafted web content may lead to
arbitrary code execution. Multiple memory corruption issues were
addressed with improved memory handling.

CVE-2019-6227: Processing maliciously crafted web content may lead to
arbitrary code execution. A memory corruption issue was addressed with
improved memory handling.

CVE-2019-6229: Processing maliciously crafted web content may lead to
universal cross site scripting. A logic issue was addressed with
improved validation.

CVE-2019-6233: Processing maliciously crafted web content may lead to
arbitrary code execution. A memory corruption issue was addressed with
improved memory handling.

CVE-2019-6234: Processing maliciously crafted web content may lead to
arbitrary code execution. A memory corruption issue was addressed with
improved memory handling.

Other bug fixes and changes:
Make kinetic scrolling slow down smoothly when reachin... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'webkit2gtk3' package(s) on SUSE Linux Enterprise Module for Open Buildservice Development Tools 15, SUSE Linux Enterprise Module for Desktop Applications 15, SUSE Linux Enterprise Module for Basesystem 15

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2018-4437
https://support.apple.com/kb/HT209340
https://support.apple.com/kb/HT209342
https://support.apple.com/kb/HT209343
https://support.apple.com/kb/HT209344
https://support.apple.com/kb/HT209345
https://support.apple.com/kb/HT209346
Common Vulnerability Exposure (CVE) ID: CVE-2018-4438
Common Vulnerability Exposure (CVE) ID: CVE-2018-4441
Common Vulnerability Exposure (CVE) ID: CVE-2018-4442
Common Vulnerability Exposure (CVE) ID: CVE-2018-4443
Common Vulnerability Exposure (CVE) ID: CVE-2018-4464
Common Vulnerability Exposure (CVE) ID: CVE-2019-6212
BugTraq ID: 106691
http://www.securityfocus.com/bid/106691
https://security.gentoo.org/glsa/201903-12
https://usn.ubuntu.com/3889-1/
Common Vulnerability Exposure (CVE) ID: CVE-2019-6215
https://www.exploit-db.com/exploits/46448/
Common Vulnerability Exposure (CVE) ID: CVE-2019-6216
BugTraq ID: 106699
http://www.securityfocus.com/bid/106699
Common Vulnerability Exposure (CVE) ID: CVE-2019-6217
Common Vulnerability Exposure (CVE) ID: CVE-2019-6226
BugTraq ID: 106696
http://www.securityfocus.com/bid/106696
Common Vulnerability Exposure (CVE) ID: CVE-2019-6227
Common Vulnerability Exposure (CVE) ID: CVE-2019-6229
Common Vulnerability Exposure (CVE) ID: CVE-2019-6233
Common Vulnerability Exposure (CVE) ID: CVE-2019-6234
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.