← back
CVE-2019-8720

CVE-2019-8720

CVSS 8.8 HIGHEPSS 1.6%● KEVCWE-119
In short

WebKit contains a memory corruption vulnerability triggered by malicious web content that could allow attackers to run arbitrary code on your device. Visiting a compromised website could be enough to exploit this flaw.

Technical detail

CWE-119 (Buffer Overflow) in WebKit's memory handling allows remote code execution via crafted web content. The attack requires user interaction (visiting a malicious website) and results in arbitrary code execution with the privileges of the WebKit process. Multiple memory corruption issues are addressed through improved memory management.

Summary generated and translated by AI from the official description.
A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
n/a · webkitgtk

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugzilla.redhat.com/show_bug.cgi?id=1876611https://webkitgtk.org/security/WSA-2019-0005.htmlhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-8720