Skip to content
cyberexploits
doslinuxtext

Eye of Gnome 3.10.2 - GMarkup Out of Bounds Write

Eye of Gnome 3.10.2 - GMarkup Out of Bounds Write

Publié le 2016-08-23

Code source

Épinglé au commit 7eac4c3a2ce5
textplatforms/linux/dos/40291.txt7eac4c3a
raw
# Exploit Title: Gnome Eye of Gnome Out-of-bounds-write

# Exploit Author: Kaslov Dmitri

# Vendor Homepage: https://wiki.gnome.org/Apps/EyeOfGnome

# Version: 3.10.2

# Tested on: Ubuntu 14.04 LTS

# CVE: CVE-2016-6855



Proof of Concept:

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40291.zip





Reported: 19-August-2016

Fixed: 21-Agugst-2016 (fix will go into next software release)



GMarkup requires valid UTF8 input strings and would cause odd

looking messages if given invalid input. This could also trigger an

out-of-bounds write in glib before 2.44.1
Voir sur GitHub