The UNIX IPC layer in WebKit, including WebKitGTK+ before 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect Apple products.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
webkitgtk webkitgtk\\+ |