CVE-2018-12911
CRITICALWebKitGTK+ 2.20.3 - Out-of-bounds Write in get_simple_globs
Title source: llmDescription
WebKitGTK+ 2.20.3 has an off-by-one error, with a resultant out-of-bounds write, in the get_simple_globs functions in ThirdParty/xdgmime/src/xdgmimecache.c and ThirdParty/xdgmime/src/xdgmimeglob.c.
References (2)
Core 2
Core References
Third Party Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/3743-1/
Patch, Vendor Advisory x_refsource_misc
https://trac.webkit.org/changeset/233404/webkit
Scores
CVSS v3
9.8
EPSS
0.0049
EPSS Percentile
65.8%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-787
Status
published
Products (3)
canonical/ubuntu_linux
16.04
canonical/ubuntu_linux
18.04
webkitgtk/webkitgtk\+
2.20.3
Published
Jul 19, 2018
Tracked Since
Feb 18, 2026