Oval Definition:	oval:com.ubuntu.cosmic:def:20171000121000
Revision Date: 2017-11-01 Version: 1 Title: CVE-2017-1000121 on Ubuntu 18.10 (cosmic) - medium. Description: The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect Apple products. Family: unix Class: vulnerability Status: Reference(s): CVE-2017-1000121 Platform(s): Ubuntu 18.10 Product(s): Definition Synopsis Ubuntu 18.10 (cosmic) is installed. AND Package Information The vulnerability of the 'qtwebkit-opensource-src' package in cosmic is not known (status: 'needs-triage'). It is pending evaluation. OR The vulnerability of the 'qtwebkit-source' package in cosmic is not known (status: 'needs-triage'). It is pending evaluation. OR NOT While related to the CVE in some way, the 'webkit2gtk' package in cosmic is not affected (note: '2.17.92-1'). OR The vulnerability of the 'webkitgtk' package in cosmic is not known (status: 'needs-triage'). It is pending evaluation.
BACK