Eye of Gnome 3.10.2 - GMarkup Out of Bounds Write

2016-08-23 20:05:06

# Exploit Title: Gnome Eye of Gnome Out-of-bounds-write
# Exploit Author: Kaslov Dmitri
# Vendor Homepage: https://wiki.gnome.org/Apps/EyeOfGnome
# Version: 3.10.2
# Tested on: Ubuntu 14.04 LTS
# CVE: CVE-2016-6855

Proof of Concept:
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40291.zip


Reported: 19-August-2016
Fixed: 21-Agugst-2016 (fix will go into next software release)

GMarkup requires valid UTF8 input strings and would cause odd
looking messages if given invalid input. This could also trigger an
out-of-bounds write in glib before 2.44.1

Fixes

No fixes

In order to submit a new fix you need to be registered.