Test ID: 1.3.6.1.4.1.25623.1.0.704515
Category: Debian Local Security Checks
Title: Debian: Security Advisory (DSA-4515-1)
Summary: The remote host is missing an update for the Debian 'webkit2gtk' package(s) announced via the DSA-4515-1 advisory.
Description:

Vulnerability Insight:
Several vulnerabilities have been discovered in the webkit2gtk web engine:

CVE-2019-8644

G. Geshev discovered memory corruption issues that can lead to arbitrary code execution.

CVE-2019-8649

Sergei Glazunov discovered an issue that may lead to universal cross site scripting.

CVE-2019-8658

akayn discovered an issue that may lead to universal cross site scripting.

CVE-2019-8666

Zongming Wang and Zhe Jin discovered memory corruption issues that can lead to arbitrary code execution.

CVE-2019-8669

akayn discovered memory corruption issues that can lead to arbitrary code execution.

CVE-2019-8671

Apple discovered memory corruption issues that can lead to arbitrary code execution.

CVE-2019-8672

Samuel Gross discovered memory corruption issues that can lead to arbitrary code execution.

CVE-2019-8673

Soyeon Park and Wen Xu discovered memory corruption issues that can lead to arbitrary code execution.

CVE-2019-8676

Soyeon Park and Wen Xu discovered memory corruption issues that can lead to arbitrary code execution.

CVE-2019-8677

Jihui Lu discovered memory corruption issues that can lead to arbitrary code execution.

CVE-2019-8678

An anonymous researcher, Anthony Lai, Ken Wong, Jeonghoon Shin, Johnny Yu, Chris Chan, Phil Mok, Alan Ho, and Byron Wai discovered memory corruption issues that can lead to arbitrary code execution.

CVE-2019-8679

Jihui Lu discovered memory corruption issues that can lead to arbitrary code execution.

CVE-2019-8680

Jihui Lu discovered memory corruption issues that can lead to arbitrary code execution.

CVE-2019-8681

G. Geshev discovered memory corruption issues that can lead to arbitrary code execution.

CVE-2019-8683

lokihardt discovered memory corruption issues that can lead to arbitrary code execution.

CVE-2019-8684

lokihardt discovered memory corruption issues that can lead to arbitrary code execution.

CVE-2019-8686

G. Geshev discovered memory corruption issues that can lead to arbitrary code execution.

CVE-2019-8687

Apple discovered memory corruption issues that can lead to arbitrary code execution.

CVE-2019-8688

Insu Yun discovered memory corruption issues that can lead to arbitrary code execution.

CVE-2019-8689

lokihardt discovered memory corruption issues that can lead to arbitrary code execution.

CVE-2019-8690

Sergei Glazunov discovered an issue that may lead to universal cross site scripting.

You can see more details on the WebKitGTK and WPE WebKit Security Advisory WSA-2019-0004.

For the stable distribution (buster), these problems have been fixed in version 2.24.4-1~deb10u1.

We recommend that you upgrade your webkit2gtk packages.

For the detailed security status of webkit2gtk please refer to its security tracker page at: [link moved to references]

Affected Software/OS:
'webkit2gtk' package(s) on Debian 10.

Solution:
Please install the updated package(s).

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2019-8644
https://support.apple.com/HT210346
https://support.apple.com/HT210348
https://support.apple.com/HT210351
https://support.apple.com/HT210355
https://support.apple.com/HT210356
https://support.apple.com/HT210357
https://support.apple.com/HT210358
Common Vulnerability Exposure (CVE) ID: CVE-2019-8649
Common Vulnerability Exposure (CVE) ID: CVE-2019-8658
https://support.apple.com/HT210353
Common Vulnerability Exposure (CVE) ID: CVE-2019-8666
Common Vulnerability Exposure (CVE) ID: CVE-2019-8669
Common Vulnerability Exposure (CVE) ID: CVE-2019-8671
Common Vulnerability Exposure (CVE) ID: CVE-2019-8672
Common Vulnerability Exposure (CVE) ID: CVE-2019-8673
Common Vulnerability Exposure (CVE) ID: CVE-2019-8674
https://security.gentoo.org/glsa/202003-22
https://support.apple.com/HT210606
https://support.apple.com/HT210608
Common Vulnerability Exposure (CVE) ID: CVE-2019-8676
Common Vulnerability Exposure (CVE) ID: CVE-2019-8677
Common Vulnerability Exposure (CVE) ID: CVE-2019-8678
Common Vulnerability Exposure (CVE) ID: CVE-2019-8679
Common Vulnerability Exposure (CVE) ID: CVE-2019-8680
Common Vulnerability Exposure (CVE) ID: CVE-2019-8681
Common Vulnerability Exposure (CVE) ID: CVE-2019-8683
Common Vulnerability Exposure (CVE) ID: CVE-2019-8684
Common Vulnerability Exposure (CVE) ID: CVE-2019-8686
Common Vulnerability Exposure (CVE) ID: CVE-2019-8687
Common Vulnerability Exposure (CVE) ID: CVE-2019-8688
Common Vulnerability Exposure (CVE) ID: CVE-2019-8689
Common Vulnerability Exposure (CVE) ID: CVE-2019-8690
Common Vulnerability Exposure (CVE) ID: CVE-2019-8707
https://support.apple.com/HT210635
https://support.apple.com/HT210636
https://support.apple.com/HT210637
Common Vulnerability Exposure (CVE) ID: CVE-2019-8719
Common Vulnerability Exposure (CVE) ID: CVE-2019-8733
Common Vulnerability Exposure (CVE) ID: CVE-2019-8763
Common Vulnerability Exposure (CVE) ID: CVE-2019-8765
https://support.apple.com/HT210724
Common Vulnerability Exposure (CVE) ID: CVE-2019-8821
https://support.apple.com/HT210721
https://support.apple.com/HT210723
https://support.apple.com/HT210725
https://support.apple.com/HT210726
https://support.apple.com/HT210727
https://support.apple.com/HT210728
Common Vulnerability Exposure (CVE) ID: CVE-2019-8822
Copyright: Copyright (C) 2019 Greenbone AG
