Note:
This project will be discontinued after December 13, 2021. [more]
2020-02-17
Webkit-GTK 2.x (any version with HTML5 audio/video support based on GStreamer) allows remote attackers to trigger unexpectedly high sound volume via malicious javascript. NOTE: this WebKit-GTK behavior complies with existing W3C standards and existing practices for GNOME desktop integration.
| Products | Webkitgtk |
| Type | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') (CWE-74) |
| First patch | - None (likely due to unavailable code) |
| Links |
• http://www.openwall.com/lists/oss-security/2014/02/10/13
• https://www.openwall.com/lists/oss-security/2013/10/08/4 • https://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-7324.html |