GNOME WebKitGTK Configured HTTP Proxy Settings Vulnerability

By GIXnews


A vulnerability in GNOME WebKitGTK could allow an unauthenticated, remote attacker to conduct a deanonymization attack on a targeted system.

The vulnerability exists because the affected software fails to properly apply configured HTTP proxy settings when downloading livestream video. An attacker could exploit this vulnerability to perform a deanonymization attack on a targeted system. A successful exploit could allow the attacker to conduct further attacks.

GNOME has confirmed the vulnerability and released software updates.

Security Impact Rating: Medium

CVE: CVE-2019-11070

Source:: Cisco Multivendor Vulnerability Alerts