WebKitGTK+ Security Advisory WSA-2017-0008

------------------------------------------------------------------------ WebKitGTK+ Security Advisory WSA-2017-0008 ------------------------------------------------------------------------ Date reported : October 18, 2017 Advisory ID : WSA-2017-0008 Advisory URL : https://webkitgtk.org/security/WSA-2017-0008.html CVE identifiers : CVE-2017-7081, CVE-2017-7087, CVE-2017-7089, CVE-2017-7090, CVE-2017-7091, CVE-2017-7092, CVE-2017-7093, CVE-2017-7094, CVE-2017-7095, CVE-2017-7096, CVE-2017-7098, CVE-2017-7099, CVE-2017-7100, CVE-2017-7102, CVE-2017-7104, CVE-2017-7107, CVE-2017-7109, CVE-2017-7111, CVE-2017-7117, CVE-2017-7120, CVE-2017-7142. Several vulnerabilities were discovered in WebKitGTK+. CVE-2017-7081 Versions affected: WebKitGTK+ before 2.16.1. Credit to Apple. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: A memory corruption issue was addressed through improved input validation. CVE-2017-7087 Versions affected: WebKitGTK+ before 2.18.0. Credit to Apple. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7089 Versions affected: WebKitGTK+ before 2.18.0. Credit to Anton Lopanitsyn of ONSEC, Frans Rosén of Detectify. Impact: Processing maliciously crafted web content may lead to universal cross site scripting. Description: A logic issue existed in the handling of the parent-tab. This issue was addressed with improved state management. CVE-2017-7090 Versions affected: WebKitGTK+ before 2.18.0. Credit to Apple. Impact: Cookies belonging to one origin may be sent to another origin. Description: A permissions issue existed in the handling of web browser cookies. This issue was addressed by no longer returning cookies for custom URL schemes. CVE-2017-7091 Versions affected: WebKitGTK+ before 2.18.0. Credit to Wei Yuan of Baidu Security Lab working with Trend Micro’s Zero Day Initiative. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7092 Versions affected: WebKitGTK+ before 2.18.0. Credit to Qixun Zhao (@S0rryMybad) of Qihoo 360 Vulcan Team, Samuel Gro and Niklas Baumstark working with Trend Micro's Zero Day Initiative. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7093 Versions affected: WebKitGTK+ before 2.18.0. Credit to Samuel Gro and Niklas Baumstark working with Trend Micro’s Zero Day Initiative. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7094 Versions affected: WebKitGTK+ before 2.16.3. Credit to Tim Michaud (@TimGMichaud) of Leviathan Security Group. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7095 Versions affected: WebKitGTK+ before 2.18.0. Credit to Wang Junjie, Wei Lei, and Liu Yang of Nanyang Technological University working with Trend Micro’s Zero Day Initiative. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7096 Versions affected: WebKitGTK+ before 2.18.0. Credit to Wei Yuan of Baidu Security Lab. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7098 Versions affected: WebKitGTK+ before 2.18.0. Credit to Felipe Freitas of Instituto Tecnológico de Aeronáutica. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7099 Versions affected: WebKitGTK+ before 2.16.4. Credit to Apple. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7100 Versions affected: WebKitGTK+ before 2.18.0. Credit to Masato Kinugawa and Mario Heiderich of Cure53. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7102 Versions affected: WebKitGTK+ before 2.18.0. Credit to Wang Junjie, Wei Lei, and Liu Yang of Nanyang Technological University. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7104 Versions affected: WebKitGTK+ before 2.18.0. Credit to likemeng of Baidu Secutity Lab. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7107 Versions affected: WebKitGTK+ before 2.18.0. Credit to Wang Junjie, Wei Lei, and Liu Yang of Nanyang Technological University. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7109 Versions affected: WebKitGTK+ before 2.18.0. Credit to avlidienbrunn. Impact: Processing maliciously crafted web content may lead to a cross site scripting attack. Description: Application Cache policy may be unexpectedly applied. CVE-2017-7111 Versions affected: WebKitGTK+ before 2.18.0. Credit to likemeng of Baidu Security Lab (xlab.baidu.com) working with Trend Micro's Zero Day Initiative. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7117 Versions affected: WebKitGTK+ before 2.18.0. Credit to lokihardt of Google Project Zero. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7120 Versions affected: WebKitGTK+ before 2.18.0. Credit to chenqin (陈钦) of Ant-financial Light-Year Security Lab. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7142 Versions affected: WebKitGTK+ before 2.16.1. Credit to an anonymous researcher. Impact: Website data may persist after a Safari Private browsing session. Description: An information leakage issue existed in the handling of website data in Safari Private windows. This issue was addressed with improved data handling. We recommend updating to the last stable version of WebKitGTK+. It is the best way of ensuring that you are running a safe version of WebKitGTK+. Please check our website for information about the last stable releases. Further information about WebKitGTK+ Security Advisories can be found at: https://webkitgtk.org/security.html The WebKitGTK+ team, October 18, 2017