The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect Apple products.
Metrics
Affected Vendors & Products
References
History
Thu, 14 Nov 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2017-11-01T21:00:00Z
Updated: 2024-11-14T19:53:43.151Z
Reserved: 2017-11-01T00:00:00Z
Link: CVE-2017-1000121
Vulnrichment
Updated: 2024-08-05T21:53:06.809Z
NVD
Status : Modified
Published: 2017-11-01T21:29:00.280
Modified: 2024-11-21T03:04:13.050
Link: CVE-2017-1000121
Redhat
No data.