exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

WebKitGTK+ SOP Bypass / Information Disclosure

WebKitGTK+ SOP Bypass / Information Disclosure
Posted Aug 25, 2016
Authored by WebKitGTK+ Team

WebKitGTK+ suffers from same-origin bypass, information disclosure, memory corruption, and various other vulnerabilities.

tags | advisory, vulnerability, info disclosure
advisories | CVE-2016-4583, CVE-2016-4585, CVE-2016-4586, CVE-2016-4587, CVE-2016-4588, CVE-2016-4589, CVE-2016-4590, CVE-2016-4591, CVE-2016-4592, CVE-2016-4622, CVE-2016-4623, CVE-2016-4624, CVE-2016-4651
SHA-256 | c93c90aa095a8005973c2738f5cdc52a381cac0a35ec331ae2bb11cdd652f0a6

WebKitGTK+ SOP Bypass / Information Disclosure

Change Mirror Download
------------------------------------------------------------------------
WebKitGTK+ Security Advisory WSA-2016-0005
------------------------------------------------------------------------

Date reported : August 25, 2016
Advisory ID : WSA-2016-0005
Advisory URL : https://webkitgtk.org/security/WSA-2016-0005.html
CVE identifiers : CVE-2016-4583, CVE-2016-4585, CVE-2016-4586,
CVE-2016-4587, CVE-2016-4588, CVE-2016-4589,
CVE-2016-4590, CVE-2016-4591, CVE-2016-4592,
CVE-2016-4622, CVE-2016-4623, CVE-2016-4624,
CVE-2016-4651.

Several vulnerabilities were discovered in WebKitGTK+.

CVE-2016-4583
Versions affected: WebKitGTK+ before 2.12.2.
Credit to Roeland Krak.
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS
before 9.2.2 allows remote attackers to bypass the Same Origin
Policy and obtain image date from an unintended web site via a
timing attack involving an SVG document.

CVE-2016-4585
Versions affected: WebKitGTK+ before 2.12.1.
Credit to Takeshi Terada of Mitsui Bussan Secure Directions, Inc.
(www.mbsd.jp).
Cross-site scripting (XSS) vulnerability in the WebKit Page Loading
implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and
tvOS before 9.2.2 allows remote attackers to inject arbitrary web
script or HTML via an HTTP response specifying redirection that is
mishandled by Safari.

CVE-2016-4586
Versions affected: WebKitGTK+ before 2.12.1.
Credit to Apple.
WebKit in Apple Safari before 9.1.2 and tvOS before 9.2.2 allows
remote attackers to execute arbitrary code or cause a denial of
service (memory corruption) via a crafted web site.

CVE-2016-4587
Versions affected: WebKitGTK+ before 2.10.1.
Credit to Apple.
WebKit in Apple iOS before 9.3.3 and tvOS before 9.2.2 allows remote
attackers to obtain sensitive information from uninitialized process
memory via a crafted web site.

CVE-2016-4588
Versions affected: WebKitGTK+ before 2.12.3.
Credit to Apple.
WebKit in Apple tvOS before 9.2.2 allows remote attackers to execute
arbitrary code or cause a denial of service (memory corruption) via
a crafted web site.

CVE-2016-4589
Versions affected: WebKitGTK+ before 2.12.3.
Credit to Tongbo Luo and Bo Qu of Palo Alto Networks.
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS
before 9.2.2 allows remote attackers to execute arbitrary code or
cause a denial of service (memory corruption) via a crafted web
site, a different vulnerability than CVE-2016-4622, CVE-2016-4623,
and CVE-2016-4624.

CVE-2016-4590
Versions affected: WebKitGTK+ before 2.12.4.
Credit to xisigr of Tencent's Xuanwu Lab (www.tencent.com).
WebKit in Apple iOS before 9.3.3 and Safari before 9.1.2 mishandles
about: URLs, which allows remote attackers to bypass the Same Origin
Policy via a crafted web site.

CVE-2016-4591
Versions affected: WebKitGTK+ before 2.12.4.
Credit to ma.la of LINE Corporation.
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS
before 9.2.2 mishandles the location variable, which allows remote
attackers to access the local filesystem via unspecified vectors.

CVE-2016-4592
Versions affected: WebKitGTK+ before 2.10.5.
Credit to Mikhail.
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS
before 9.2.2 allows remote attackers to cause a denial of service
(memory consumption) via a crafted web site.

CVE-2016-4622
Versions affected: WebKitGTK+ before 2.12.4.
Credit to Samuel Gross working with Trend Micro's Zero Day
Initiative.
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS
before 9.2.2 allows remote attackers to execute arbitrary code or
cause a denial of service (memory corruption) via a crafted web
site, a different vulnerability than CVE-2016-4589, CVE-2016-4623,
and CVE-2016-4624.

CVE-2016-4623
Versions affected: WebKitGTK+ before 2.12.0.
Credit to Apple.
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS
before 9.2.2 allows remote attackers to execute arbitrary code or
cause a denial of service (memory corruption) via a crafted web
site, a different vulnerability than CVE-2016-4589, CVE-2016-4622,
and CVE-2016-4624.

CVE-2016-4624
Versions affected: WebKitGTK+ before 2.12.4.
Credit to Apple.
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS
before 9.2.2 allows remote attackers to execute arbitrary code or
cause a denial of service (memory corruption) via a crafted web
site, a different vulnerability than CVE-2016-4589, CVE-2016-4622,
and CVE-2016-4623.

CVE-2016-4651
Versions affected: WebKitGTK+ before 2.12.0.
Credit to Obscure.
Cross-site scripting (XSS) vulnerability in the WebKit JavaScript
bindings in Apple iOS before 9.3.3 and Safari before 9.1.2 allows
remote attackers to inject arbitrary web script or HTML via a
crafted HTTP/0.9 response, related to a "cross-protocol cross-site
scripting (XPXSS)" vulnerability.


We recommend updating to the last stable version of WebKitGTK+. It is
the best way of ensuring that you are running a safe version of
WebKitGTK+. Please check our website for information about the last
stable releases.

Further information about WebKitGTK+ Security Advisories can be found
at: https://webkitgtk.org/security.html

The WebKitGTK+ team,
August 25, 2016

Login or Register to add favorites

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    6 Files
  • 28
    May 28th
    12 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close