7.5
CVE-2016-6855
- EPSS 18.86%
- Veröffentlicht 07.09.2016 18:59:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allow remote attackers to cause a denial of service (out-of-bounds write and crash) via vectors involving passing invalid UTF-8 to GMarkup.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Fedoraproject ≫ Fedora Version23
Fedoraproject ≫ Fedora Version24
Canonical ≫ Ubuntu Linux Version12.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version14.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts
Gnome ≫ Eye Of Gnome Version3.16.5
Gnome ≫ Eye Of Gnome Version3.17.1
Gnome ≫ Eye Of Gnome Version3.17.2
Gnome ≫ Eye Of Gnome Version3.17.3
Gnome ≫ Eye Of Gnome Version3.17.90
Gnome ≫ Eye Of Gnome Version3.17.91
Gnome ≫ Eye Of Gnome Version3.17.92
Gnome ≫ Eye Of Gnome Version3.18.0
Gnome ≫ Eye Of Gnome Version3.18.1
Gnome ≫ Eye Of Gnome Version3.18.2
Gnome ≫ Eye Of Gnome Version3.19.1
Gnome ≫ Eye Of Gnome Version3.19.2
Gnome ≫ Eye Of Gnome Version3.19.3
Gnome ≫ Eye Of Gnome Version3.19.4
Gnome ≫ Eye Of Gnome Version3.19.90
Gnome ≫ Eye Of Gnome Version3.19.91
Gnome ≫ Eye Of Gnome Version3.19.92
Gnome ≫ Eye Of Gnome Version3.20.0
Gnome ≫ Eye Of Gnome Version3.20.1
Gnome ≫ Eye Of Gnome Version3.20.2
Gnome ≫ Eye Of Gnome Version3.20.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 18.86% | 0.969 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.
http://lists.opensuse.org/opensuse-updates/2016-09/msg00021.html
http://packetstormsecurity.com/files/138486/Gnome-Eye-Of-Gnome-3.10.2-Out-Of-Bounds-Write.html
http://www.securityfocus.com/bid/92616
http://www.ubuntu.com/usn/USN-3069-1
https://bugzilla.gnome.org/show_bug.cgi?id=770143
https://git.gnome.org/browse/eog/commit/?id=e99a8c00f959652fe7c10e2fa5a3a7a5c25e6af4
https://git.gnome.org/browse/eog/plain/NEWS?h=3.16.5
https://git.gnome.org/browse/eog/plain/NEWS?h=3.18.3
https://git.gnome.org/browse/eog/plain/NEWS?h=3.20.4
https://lists.debian.org/debian-lts-announce/2020/04/msg00018.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JVINHHR6VJKXTYYMAYKN5GROKHVT4UKB/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T6GFDHLNPUG7JHWM3QLXQNRA7NZGU2KI/
https://www.exploit-db.com/exploits/40291/