------------------------------------------------------------------------
WebKitGTK+ Security Advisory                               WSA-2017-0004
------------------------------------------------------------------------

Date reported      : May 25, 2017
Advisory ID        : WSA-2017-0004
Advisory URL       : https://webkitgtk.org/security/WSA-2017-0004.html
CVE identifiers    : CVE-2017-2496, CVE-2017-2504, CVE-2017-2505,
                     CVE-2017-2506, CVE-2017-2508, CVE-2017-2510,
                     CVE-2017-2514, CVE-2017-2515, CVE-2017-2521,
                     CVE-2017-2525, CVE-2017-2526, CVE-2017-2528,
                     CVE-2017-2530, CVE-2017-2531, CVE-2017-2536,
                     CVE-2017-2539, CVE-2017-2544, CVE-2017-2547,
                     CVE-2017-2549, CVE-2017-6980, CVE-2017-6984.

Several vulnerabilities were discovered in WebKitGTK+.

CVE-2017-2496
    Versions affected: WebKitGTK+ before 2.16.3.
    Credit to Apple.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution or cause a denial of service (memory
    corruption and application crash). Description: Multiple memory
    corruption issues were addressed with improved memory handling.

CVE-2017-2504
    Versions affected: WebKitGTK+ before 2.16.1.
    Credit to lokihardt of Google Project Zero.
    Impact: Processing maliciously crafted web content may lead to
    universal cross site scripting (UXSS). Description: A logic issue
    existed in the handling of WebKit Editor commands. This issue was
    addressed with improved state management.

CVE-2017-2505
    Versions affected: WebKitGTK+ before 2.16.0.
    Credit to lokihardt of Google Project Zero.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution or cause a denial of service (memory
    corruption and application crash). Description: Multiple memory
    corruption issues were addressed with improved memory handling.

CVE-2017-2506
    Versions affected: WebKitGTK+ before 2.16.1.
    Credit to Zheng Huang of the Baidu Security Lab working with Trend
    Micro's Zero Day Initiative.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution or cause a denial of service (memory
    corruption and application crash). Description: Multiple memory
    corruption issues were addressed with improved memory handling.

CVE-2017-2508
    Versions affected: WebKitGTK+ before 2.16.0.
    Credit to lokihardt of Google Project Zero.
    Impact: Processing maliciously crafted web content may lead to
    universal cross site scripting (UXSS). Description: A logic issue
    existed in the handling of WebKit container nodes. This issue was
    addressed with improved state management.

CVE-2017-2510
    Versions affected: WebKitGTK+ before 2.16.3.
    Credit to lokihardt of Google Project Zero.
    Impact: Processing maliciously crafted web content may lead to
    universal cross site scripting (UXSS). Description: A logic issue
    existed in the handling of pageshow events. This issue was
    addressed with improved state management.

CVE-2017-2514
    Versions affected: WebKitGTK+ before 2.16.0.
    Credit to lokihardt of Google Project Zero.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution or cause a denial of service (memory
    corruption and application crash). Description: Multiple memory
    corruption issues were addressed with improved memory handling.

CVE-2017-2515
    Versions affected: WebKitGTK+ before 2.16.1.
    Credit to lokihardt of Google Project Zero.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution or cause a denial of service (memory
    corruption and application crash). Description: Multiple memory
    corruption issues were addressed with improved memory handling.

CVE-2017-2521
    Versions affected: WebKitGTK+ before 2.16.0.
    Credit to lokihardt of Google Project Zero.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution or cause a denial of service (memory
    corruption and application crash). Description: Multiple memory
    corruption issues were addressed with improved memory handling.

CVE-2017-2525
    Versions affected: WebKitGTK+ before 2.16.1.
    Credit to Kai Kang (4B5F5F4B) of Tencent's Xuanwu Lab (tencent.com)
    working with Trend Micro's Zero Day Initiative.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution or cause a denial of service (memory
    corruption and application crash). Description: Multiple memory
    corruption issues were addressed with improved memory handling.

CVE-2017-2526
    Versions affected: WebKitGTK+ before 2.16.1.
    Credit to Kai Kang (4B5F5F4B) of Tencent's Xuanwu Lab (tencent.com)
    working with Trend Micro's Zero Day Initiative.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution or cause a denial of service (memory
    corruption and application crash). Description: Multiple memory
    corruption issues were addressed with improved memory handling.

CVE-2017-2528
    Versions affected: WebKitGTK+ before 2.16.1.
    Credit to lokihardt of Google Project Zero.
    Impact: Processing maliciously crafted web content may lead to
    universal cross site scripting (UXSS). Description: A logic issue
    existed in the handling of WebKit cached frames. This issue was
    addressed with improved state management.

CVE-2017-2530
    Versions affected: WebKitGTK+ before 2.16.1.
    Credit to Wei Yuan of Baidu Security Lab.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution or cause a denial of service (memory
    corruption and application crash). Description: Multiple memory
    corruption issues were addressed with improved memory handling.

CVE-2017-2531
    Versions affected: WebKitGTK+ before 2.16.1.
    Credit to lokihardt of Google Project Zero.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution or cause a denial of service (memory
    corruption and application crash). Description: Multiple memory
    corruption issues were addressed with improved memory handling.

CVE-2017-2536
    Versions affected: WebKitGTK+ before 2.16.1.
    Credit to Samuel Groß and Niklas Baumstark working with Trend
    Micro's Zero Day Initiative.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution or cause a denial of service (memory
    corruption and application crash). Description: Multiple memory
    corruption issues were addressed with improved memory handling.

CVE-2017-2539
    Versions affected: WebKitGTK+ before 2.16.3.
    Credit to Richard Zhu (fluorescence) working with Trend Micro's
    Zero Day Initiative.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution or cause a denial of service (memory
    corruption and application crash). Description: Multiple memory
    corruption issues were addressed with improved memory handling.

CVE-2017-2544
    Versions affected: WebKitGTK+ before 2.16.1.
    Credit to 360 Security (@mj0011sec) working with Trend Micro's
    Zero Day Initiative.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution or cause a denial of service (memory
    corruption and application crash). Description: Multiple memory
    corruption issues were addressed with improved memory handling.

CVE-2017-2547
    Versions affected: WebKitGTK+ before 2.16.1.
    Credit to lokihardt of Google Project Zero, Team Sniper (Keen Lab
    and PC Mgr) working with Trend Micro's Zero Day Initiative.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution or cause a denial of service (memory
    corruption and application crash). Description: Multiple memory
    corruption issues were addressed with improved memory handling.

CVE-2017-2549
    Versions affected: WebKitGTK+ before 2.16.1.
    Credit to lokihardt of Google Project Zero.
    Impact: Processing maliciously crafted web content may lead to
    universal cross site scripting (UXSS). Description: A logic issue
    existed in frame loading. This issue was addressed with improved
    state management.

CVE-2017-6980
    Versions affected: WebKitGTK+ before 2.16.1.
    Credit to lokihardt of Google Project Zero.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution or cause a denial of service (memory
    corruption and application crash). Description: Multiple memory
    corruption issues were addressed with improved memory handling.

CVE-2017-6984
    Versions affected: WebKitGTK+ before 2.16.1.
    Credit to lokihardt of Google Project Zero.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution or cause a denial of service (memory
    corruption and application crash). Description: Multiple memory
    corruption issues were addressed with improved memory handling.


We recommend updating to the last stable version of WebKitGTK+. It is
the best way of ensuring that you are running a safe version of
WebKitGTK+. Please check our website for information about the last
stable releases.

Further information about WebKitGTK+ Security Advisories can be found
at: https://webkitgtk.org/security.html

The WebKitGTK+ team,
May 25, 2017