CVE-2019-8375
CRITICAL
WebKitGTK < 2.23.90 and WebKitGTK+ < 2.22.6 - Buffer Overflow via Script Dialog Size Manipulation
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2019-8375. PoCs published by Dhiraj Mishra.
AI-analyzed exploit summary: This exploit demonstrates a buffer overflow vulnerability in WebKitGTK by triggering a script dialog with an excessively large string, causing a denial of service (DoS). The PoC uses JavaScript to generate a long string and display it in an alert dialog, exploiting the lack of size validation in the UIProcess subsystem.
Description
The UIProcess subsystem in WebKit, as used in WebKitGTK through 2.23.90 and WebKitGTK+ through 2.22.6 and other products, does not prevent the script dialog size from exceeding the web view size, which allows remote attackers to cause a denial of service (Buffer Overflow) or possibly have unspecified other impact, related to UIProcess/API/gtk/WebKitScriptDialogGtk.cpp, UIProcess/API/gtk/WebKitScriptDialogImpl.cpp, and UIProcess/API/gtk/WebKitWebViewGtk.cpp, as demonstrated by GNOME Web (aka Epiphany).
Exploits (1)
References (8)
Scores
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H