Allele Security Alert
ASA-2019-00290
Identifier(s)
ASA-2019-00290, CVE-2019-8587, WSA-2019-0003
Title
Multiple memory corruption
Vendor(s)
The WebKitGTK Team
The WPE WebKit Team
Product(s)
WebKitGTK
WPE WebKit
Affected version(s)
WebKitGTK before 2.24.1
WPE WebKit before 2.24.1
Fixed version(s)
WebKitGTK version 2.24.1
WPE WebKit version 2.24.1
Proof of concept
Unknown
Description
Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.
Technical details
Unknown
Credits
G. Geshev (MWR labs)
Reference(s)
[webkit-gtk] WebKitGTK and WPE WebKit Security Advisory WSA-2019-0003
https://lists.webkit.org/pipermail/webkit-gtk/2019-May/003502.html
WebKitGTK and WPE WebKit Security Advisory WSA-2019-0003
https://webkitgtk.org/security/WSA-2019-0003.html
WebKitGTK and WPE WebKit Security Advisory WSA-2019-0003
https://wpewebkit.org/security/WSA-2019-0003.html
CVE-2019-8587
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8587
CVE-2019-8587
https://nvd.nist.gov/vuln/detail/CVE-2019-8587
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: May 22, 2019