Detections
Analytics
GLSA-201812-04 : WebkitGTK+: Multiple vulnerabilities
high Nessus Plugin ID 119323
Language:
Synopsis
The remote Gentoo host is missing one or more security-related patches.Description
The remote host is affected by the vulnerability described in GLSA-201812-04 (WebkitGTK+: Multiple vulnerabilities)Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the referenced CVE identifiers for details.
Impact :
A remote attacker could execute arbitrary commands or cause a Denial of Service condition via maliciously crafted web content.
Workaround :
There is no known workaround at this time.
Solution
All WebkitGTK+ users should upgrade to the latest version:# emerge --sync # emerge --ask --oneshot --verbose '>=net-libs/webkit-gtk-2.22.0'
See Also
Plugin Details
Severity: High
ID: 119323
File Name: gentoo_GLSA-201812-04.nasl
Version: 1.4
Type: local
Family: Gentoo Local Security Checks
Published: 12/3/2018
Updated: 7/17/2024
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2018-4361
CVSS v3
Risk Factor: High
Base Score: 8.8
Temporal Score: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:gentoo:linux, p-cpe:/a:gentoo:linux:webkit-gtk
Required KB Items: Host/local_checks_enabled, Host/Gentoo/release, Host/Gentoo/qpkg-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 12/2/2018
Reference Information
CVE: CVE-2018-4191, CVE-2018-4197, CVE-2018-4207, CVE-2018-4208, CVE-2018-4209, CVE-2018-4210, CVE-2018-4212, CVE-2018-4213, CVE-2018-4299, CVE-2018-4306, CVE-2018-4309, CVE-2018-4311, CVE-2018-4312, CVE-2018-4314, CVE-2018-4315, CVE-2018-4316, CVE-2018-4317, CVE-2018-4318, CVE-2018-4319, CVE-2018-4323, CVE-2018-4328, CVE-2018-4358, CVE-2018-4359, CVE-2018-4361
GLSA: 201812-04