GNOME WebKitGTK UIProcess Subsystem Buffer Overflow Vulnerability – Apr 2019

Preface: A browser engine is a core software component of every major web browser. Apart of “browser engine”, two other terms are in common use regarding related concepts: “layout engine” and “rendering engine”


A rendering engine is used by a Web browser to eender HTML pages, by mail programs that render HTML email message, as well as any other application that needs to render Web page content.
WebKitGTK is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers.
WebKit is the web browser engine used by Safari, Mail, App Store, and many other apps on macOS, iOS, and Linux.

Vulnerability: A vulnerability in GNOME WebKitGTK could allow an unauthenticated, remote attacker to compromise a targeted system completely. The successful exploit could cause a buffer overflow condition, allowing the attacker to compromise the system completely.

Fixed Software: