Lucene search

Ubuntu.comUB:CVE-2016-4761

HistoryDec 01, 2016 - 12:00 a.m.

CVE-2016-4761

2016-12-0100:00:00

ubuntu.com

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.006

Percentile

77.7%

JSON

WebKitGTK+ before 2.14.0: A use-after-free vulnerability can allow remote
attackers to cause a DoS

Notes

Author	Note
jdstrand	webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8

OSVersionArchitecturePackageVersionFilename
ubuntu16.04noarchwebkit2gtk< 2.14.2-0ubuntu0.16.04.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	16.04	noarch	webkit2gtk	< 2.14.2-0ubuntu0.16.04.1	UNKNOWN

References

launchpad.net/bugs/cve/CVE-2016-4761

nvd.nist.gov/vuln/detail/CVE-2016-4761

security-tracker.debian.org/tracker/CVE-2016-4761

ubuntu.com/security/notices/USN-3166-1

webkitgtk.org/security/WSA-2016-0006.html

www.cve.org/CVERecord?id=CVE-2016-4761

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.006

Percentile

77.7%

JSON

Related for UB:CVE-2016-4761