RHEL 6 : webkitgtk (RHSA-2011:0177)

Critical Nessus Plugin ID 51672

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

Updated webkitgtk packages that fix several security issues are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform.

Multiple memory corruption flaws were found in WebKit. Malicious web content could cause an application using WebKitGTK+ to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2010-1782, CVE-2010-1783, CVE-2010-1784, CVE-2010-1785, CVE-2010-1787, CVE-2010-1788, CVE-2010-1790, CVE-2010-1792, CVE-2010-1807, CVE-2010-1814, CVE-2010-3114, CVE-2010-3116, CVE-2010-3119, CVE-2010-3255, CVE-2010-3812, CVE-2010-4198)

Multiple use-after-free flaws were found in WebKit. Malicious web content could cause an application using WebKitGTK+ to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2010-1780, CVE-2010-1786, CVE-2010-1793, CVE-2010-1812, CVE-2010-1815, CVE-2010-3113, CVE-2010-3257, CVE-2010-4197, CVE-2010-4204)

Two array index errors, leading to out-of-bounds memory reads, were found in WebKit. Malicious web content could cause an application using WebKitGTK+ to crash. (CVE-2010-4206, CVE-2010-4577)

A flaw in WebKit could allow malicious web content to trick a user into thinking they are visiting the site reported by the location bar, when the page is actually content controlled by an attacker.
(CVE-2010-3115)

It was found that WebKit did not correctly restrict read access to images created from the 'canvas' element. Malicious web content could allow a remote attacker to bypass the same-origin policy and potentially access sensitive image data. (CVE-2010-3259)

A flaw was found in the way WebKit handled DNS prefetching. Even when it was disabled, web content containing certain 'link' elements could cause WebKitGTK+ to perform DNS prefetching. (CVE-2010-3813)

Users of WebKitGTK+ should upgrade to these updated packages, which contain WebKitGTK+ version 1.2.6, and resolve these issues. All running applications that use WebKitGTK+ must be restarted for this update to take effect.

Solution

Update the affected packages.

See Also

https://access.redhat.com/security/cve/cve-2010-1780

https://access.redhat.com/security/cve/cve-2010-1782

https://access.redhat.com/security/cve/cve-2010-1783

https://access.redhat.com/security/cve/cve-2010-1784

https://access.redhat.com/security/cve/cve-2010-1785

https://access.redhat.com/security/cve/cve-2010-1786

https://access.redhat.com/security/cve/cve-2010-1787

https://access.redhat.com/security/cve/cve-2010-1788

https://access.redhat.com/security/cve/cve-2010-1790

https://access.redhat.com/security/cve/cve-2010-1792

https://access.redhat.com/security/cve/cve-2010-1793

https://access.redhat.com/security/cve/cve-2010-1807

https://access.redhat.com/security/cve/cve-2010-1812

https://access.redhat.com/security/cve/cve-2010-1814

https://access.redhat.com/security/cve/cve-2010-1815

https://access.redhat.com/security/cve/cve-2010-3113

https://access.redhat.com/security/cve/cve-2010-3114

https://access.redhat.com/security/cve/cve-2010-3115

https://access.redhat.com/security/cve/cve-2010-3116

https://access.redhat.com/security/cve/cve-2010-3119

https://access.redhat.com/security/cve/cve-2010-3255

https://access.redhat.com/security/cve/cve-2010-3257

https://access.redhat.com/security/cve/cve-2010-3259

https://access.redhat.com/security/cve/cve-2010-3812

https://access.redhat.com/security/cve/cve-2010-3813

https://access.redhat.com/security/cve/cve-2010-4197

https://access.redhat.com/security/cve/cve-2010-4198

https://access.redhat.com/security/cve/cve-2010-4204

https://access.redhat.com/security/cve/cve-2010-4206

https://access.redhat.com/security/cve/cve-2010-4577

https://access.redhat.com/errata/RHSA-2011:0177

Plugin Details

Severity: Critical

ID: 51672

File Name: redhat-RHSA-2011-0177.nasl

Version: 1.23

Type: local

Agent: unix

Published: 2011/01/26

Updated: 2019/10/25

Dependencies: 12634

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:webkitgtk, p-cpe:/a:redhat:enterprise_linux:webkitgtk-debuginfo, p-cpe:/a:redhat:enterprise_linux:webkitgtk-devel, p-cpe:/a:redhat:enterprise_linux:webkitgtk-doc, cpe:/o:redhat:enterprise_linux:6, cpe:/o:redhat:enterprise_linux:6.0

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2011/01/25

Vulnerability Publication Date: 2010/07/30

Exploitable With

CANVAS (CANVAS)

Core Impact

Reference Information

CVE: CVE-2010-1780, CVE-2010-1782, CVE-2010-1783, CVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787, CVE-2010-1788, CVE-2010-1790, CVE-2010-1792, CVE-2010-1793, CVE-2010-1807, CVE-2010-1812, CVE-2010-1814, CVE-2010-1815, CVE-2010-3113, CVE-2010-3114, CVE-2010-3115, CVE-2010-3116, CVE-2010-3119, CVE-2010-3255, CVE-2010-3257, CVE-2010-3259, CVE-2010-3812, CVE-2010-3813, CVE-2010-4197, CVE-2010-4198, CVE-2010-4204, CVE-2010-4206, CVE-2010-4577

BID: 42034, 42035, 42036, 42037, 42038, 42041, 42042, 42043, 42044, 42046, 42049, 43047, 43079, 43081, 43083, 44199, 44200, 44201, 44203, 44204, 44206, 44954, 44960, 45718, 45719, 45720, 45721, 45722

RHSA: 2011:0177