Vulnerabilities

CVE-2017-1000121

by Fred · 01/11/2017

The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect Apple products.

Date published : 2017-11-01

http://trac.webkit.org/changeset/217126/webkit

Related

Tags: Cybersecurity Alert