PT-2018-10543 · Gnome+2 · Gnome Web+2

Dhiraj

Publicado

2018-05-23

Atualizado

2024-06-15

CVE-2018-11396

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions GNOME Web (aka Epiphany) versions 3.28.2.1 and earlier

Description The issue allows remote attackers to cause a denial of service, resulting in an application crash. This can be achieved through JavaScript code that triggers access to a NULL URL. An example of such an exploit is a crafted window.open call.

Recommendations For GNOME Web (aka Epiphany) versions 3.28.2.1 and earlier, consider disabling JavaScript execution until a patch is available to prevent potential crashes caused by malicious JavaScript code.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

ALT-PU-2018-1877

CVE-2018-11396

OPENSUSE-SU-2019:2318-1

OPENSUSE-SU-2019_2318-1

OPENSUSE-SU-2024:10739-1

Produtos afetados

Alt Linux

Gnome Web

Suse

PT-2018-10543 · Gnome+2 · Gnome Web+2

CVE-2018-11396

Identificadores relacionados

Produtos afetados

Referências · 21