📚 Google WebkitGTK+ up to 1.11.90 Chrome SVGViewSpec.cpp SVGViewSpec::viewTarget code injection
💡 Newskategorie: Sicherheitslücken
🔗 Quelle: vuldb.com
A vulnerability was found in Google WebkitGTK+ up to 1.11.90 (Web Browser). It has been declared as critical. This vulnerability affects the function SVGViewSpec::viewTarget
of the file WebCore/svg/SVGViewSpec.cpp of the component Chrome. Upgrading to version 25.0.1364.160 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at trac.webkit.org. The best possible mitigation is suggested to be patching the affected component. A possible mitigation has been published immediately after the disclosure of the vulnerability. ...