Eye of Gnome 3.10.2 – GMarkup Out of Bounds Write

• Exploit Database
• 12 阅读

• 作者： Kaslov Dmitri
  日期： 2016-08-23
• 类别：

  • dos
  平台：

  • linux
• 来源：https://www.exploit-db.com/exploits/40291/

• # Exploit Title: Gnome Eye of Gnome Out-of-bounds-write
  # Exploit Author: Kaslov Dmitri
  # Vendor Homepage: https://wiki.gnome.org/Apps/EyeOfGnome
  # Version: 3.10.2
  # Tested on: Ubuntu 14.04 LTS
  # CVE: CVE-2016-6855
  
  Proof of Concept:
  https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/40291.zip
  
  
  Reported: 19-August-2016
  Fixed: 21-Agugst-2016 (fix will go into next software release)
  
  GMarkup requires valid UTF8 input strings and would cause odd
  looking messages if given invalid input. This could also trigger an
  out-of-bounds write in glib before 2.44.1