Published: 24/02/2019 Updated: 09/05/2019
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

The UIProcess subsystem in WebKit, as used in WebKitGTK up to and including 2.23.90 and WebKitGTK+ up to and including 2.22.6 and other products, does not prevent the script dialog size from exceeding the web view size, which allows remote malicious users to cause a denial of service (Buffer Overflow) or possibly have unspecified other impact, related to UIProcess/API/gtk/WebKitScriptDialogGtk.cpp, UIProcess/API/gtk/WebKitScriptDialogImpl.cpp, and UIProcess/API/gtk/WebKitWebViewGtk.cpp, as demonstrated by GNOME Web (aka Epiphany).

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

webkitgtk webkitgtk

webkitgtk webkitgtk\\+

opensuse leap 15.0

opensuse leap 42.3

canonical ubuntu linux 18.04

canonical ubuntu linux 18.10

Vendor Advisories

Several security issues were fixed in WebKitGTK+ ...


#Exploit Title: Buffer overflow # Date: 27-02-2019 # Exploit Author: Dhiraj Mishra # Vendor Homepage: webkitorg/ # Software Link: gitlabgnomeorg/GNOME/epiphany # Version: 22390 # Tested on: Linux 4150-38-generic # CVE: CVE-2019-8375 # References: # nvdnistgov/vuln/detail/CVE-2019-8375 # wwwinputzeroio/2019 ...

Github Repositories

An updated collection of resources targeting browser-exploitation.

Browser-Pwn The world of Browsers is dominated by 4 major players: Chromium/Chrome (Blink-Engine) Firefox (Gecko-Engine) Safari (WebKit-Engine) Edge (Blink-Engine (former EdgeHTML-Engine) The following is split into two parts: Information that helps to understand their architecture and implementation and how to build them from sources Information that helps finding their cal