Home[1] Files[2] News[3] &[SERVICES_TAB] Contact[4] Add New[5]
- Debian Security Advisory 5792-1[6]
- Authored by Debian[7] | Site debian.org[8]
-
Debian Linux Security Advisory 5792-1 - The following vulnerabilities have been discovered in the WebKitGTK web engine. Hafiizh and YoKo Kho discovered that visiting a malicious website may lead to address bar spoofing. Narendra Bhati discovered that a malicious website may exfiltrate data cross-origin.
- systems | linux[9], debian[10]
- advisories | CVE-2024-40866[11], CVE-2024-44187[12]
- SHA-256 |
6c18c5c48316e22ebdd4c277dc051b11216afc79e2f4ce344b61f3d3a8f4d3ef - Download[13] | Favorite[14] | View[15]
Change Mirror[16] Download[17]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5792-1Cette adresse e-mail est protégée contre les robots spammeurs. Vous devez activer le JavaScript pour la visualiser.
https://www.debian.org/security/ Alberto Garcia
October 14, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : webkit2gtk
CVE ID : CVE-2024-40866 CVE-2024-44187
The following vulnerabilities have been discovered in the WebKitGTK
web engine:
CVE-2024-40866
Hafiizh and YoKo Kho discovered that visiting a malicious website
may lead to address bar spoofing.
CVE-2024-44187
Narendra Bhati discovered that a malicious website may exfiltrate
data cross-origin.
For the stable distribution (bookworm), these problems have been fixed in
version 2.46.0-2~deb12u1.
We recommend that you upgrade your webkit2gtk packages.
For the detailed security status of webkit2gtk please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/webkit2gtk
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list:Cette adresse e-mail est protégée contre les robots spammeurs. Vous devez activer le JavaScript pour la visualiser.
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEYrwugQBKzlHMYFizAAyEYu0C2AIFAmcNkVcACgkQAAyEYu0C
2AIS8g/9EKZzBT0VW5VA4kCzLSijtpyKw+kDKgVbsFQmDudoYfr1xF1syfyw1y9r
RwdUi5q2puDKenEBk1kg3xRUkVM0HCbzCVt/h6mmx6YaBjKVAl95syXiWyDnXoOI
7e4WnzAtUgsNfx4+zpTqNdfK/982C/Zfc2kuit2iXiBDcCYtdBWV3+k8vbbT4Om5
2MYrbxlQlyUXEc9ZZpaAUxTvuklSQ2wHK3xtlAmoxsMdj2+Re9bOKuBuOKZkUfwU
9olgKg83HWhzc5W4u840q8oHmUrZDUpNbLjQGTSBZWVQE0uAiD8IA8k4I/TxjPFm
MyeSRKKE0QTCOPDyHskVW+ijjcqs8pHa9/jAwXO/cBO6ZBkSbnQZ57j4+CQtrzA5
N0Yh02AM48898eRDXhlt2SBz+tQnlhs0vSRMacccbIy0GSlccSoiaJRsUFXZ+LOb
JiM8xlbJ8KsKJz/pTOM6qzrIkD/RFmqBrxIutPqsusG+XbiVQkvcQp13otfTK8Pk
hzGC47UBZuuUib8DXkYSgbb0b/cw6/efIwy60NpPsT7DxfjLwCyVspyQcjJplGAN
Lou0R6ezpNQu9iijjeJZR6DouiYP0YGoLm8bVo0OBIsw0tmO7vZ82SBi6Rf7ScIB
Hu190dDPt2WdNigXxpGmjk+nWyj7DncEZEfwKQb/rZos52hPh/Q=
=pvja
-----END PGP SIGNATURE-----
Follow us on Twitter
Follow us on
Facebook
Subscribe to an RSS
FeedFile Tags
- ActiveX[23] (933)
- Advisory[24] (87,210)
- Arbitrary[25] (17,152)
- BBS[26] (2,859)
- Bypass[27] (1,934)
- CGI[28] (1,049)
- Code Execution[29] (7,953)
- Conference[30] (693)
- Cracker[31] (845)
- CSRF[32] (3,440)
- DoS[33] (25,359)
- Encryption[34] (2,396)
- Exploit[35] (54,433)
- File Inclusion[36] (4,279)
- File Upload[37] (1,027)
- Firewall[38] (822)
- Info Disclosure[39] (2,930)
- Intrusion Detection[40] (923)
- Java[41] (3,156)
- JavaScript[42] (910)
- Kernel[43] (7,326)
- Local[44] (14,874)
- Magazine[45] (587)
- Overflow[46] (13,237)
- Perl[47] (1,435)
- PHP[48] (5,316)
- Proof of Concept[49] (2,417)
- Protocol[50] (3,757)
- Python[51] (1,670)
- Remote[52] (31,959)
- Root[53] (3,676)
- Rootkit[54] (530)
- Ruby[55] (644)
- Scanner[56] (1,660)
- Security Tool[57] (8,060)
- Shell[58] (3,320)
- Shellcode[59] (1,219)
- Sniffer[60] (905)
- Spoof[61] (2,298)
- SQL Injection[62] (16,744)
- TCP[63] (2,463)
- Trojan[64] (690)
- UDP[65] (919)
- Virus[66] (675)
- Vulnerability[67] (33,175)
- Web[68] (10,163)
- Whitepaper[69] (3,785)
- x86[70] (970)
- XSS[71] (18,316)
- Other[72]
File Archives
- October 2024[73]
- September 2024[74]
- August 2024[75]
- July 2024[76]
- June 2024[77]
- May 2024[78]
- April 2024[79]
- March 2024[80]
- February 2024[81]
- January 2024[82]
- December 2023[83]
- November 2023[84]
- Older[85]
Systems
- AIX[86] (430)
- Apple[87] (2,117)
- BSD[88] (378)
- CentOS[89] (61)
- Cisco[90] (1,954)
- Debian[91] (7,144)
- Fedora[92] (1,693)
- FreeBSD[93] (1,247)
- Gentoo[94] (4,599)
- HPUX[95] (881)
- iOS[96] (391)
- iPhone[97] (108)
- IRIX[98] (220)
- Juniper[99] (71)
- Linux[100] (51,583)
- Mac OS X[101] (696)
- Mandriva[102] (3,105)
- NetBSD[103] (256)
- OpenBSD[104] (490)
- RedHat[105] (17,065)
- Slackware[106] (941)
- Solaris[107] (1,615)
- SUSE[108] (1,444)
- Ubuntu[109] (9,923)
- UNIX[110] (9,469)
- UnixWare[111] (188)
- Windows[112] (6,784)
- Other[113]
© 2024 Packet Storm. All rights reserved.
- Services
- Security Services[124]
- Hosting By
- Rokasec[125]
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Read more https://packetstormsecurity.com/files/182228/dsa-5792-1.txt
