The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect Apple products.
History

Thu, 14 Nov 2024 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2017-11-01T21:00:00Z

Updated: 2024-11-14T19:53:43.151Z

Reserved: 2017-11-01T00:00:00Z

Link: CVE-2017-1000121

cve-icon Vulnrichment

Updated: 2024-08-05T21:53:06.809Z

cve-icon NVD

Status : Modified

Published: 2017-11-01T21:29:00.280

Modified: 2024-11-21T03:04:13.050

Link: CVE-2017-1000121

cve-icon Redhat

No data.