CVE-2016-6855
published 2016-09-07CVE-2016-6855: Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allow remote attackers to…
PriorityP353high7.5CVSS 3.0
AVNACLPRNUINSUCNINAH
EXPLOIT
EPSS
18.86%
96.9th percentile
Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allow remote attackers to cause a denial of service (out-of-bounds write and crash) via vectors involving passing invalid UTF-8 to GMarkup.
Affected
33 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | eog | < eog 3.20.4-1 (bookworm) | eog 3.20.4-1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| gnome | eog | >= 0 < 3.20.4-1 | 3.20.4-1 |
| gnome | eog | >= 0 < 3.20.4-1 | 3.20.4-1 |
| gnome | eog | >= 0 < 3.20.4-1 | 3.20.4-1 |
| gnome | eog | >= 0 < 3.20.4-1 | 3.20.4-1 |
| gnome | eye_of_gnome | — | — |
| gnome | eye_of_gnome | — | — |
| gnome | eye_of_gnome | — | — |
| gnome | eye_of_gnome | — | — |
| gnome | eye_of_gnome | — | — |
| gnome | eye_of_gnome | — | — |
| gnome | eye_of_gnome | — | — |
| gnome | eye_of_gnome | — | — |
| gnome | eye_of_gnome | — | — |
| gnome | eye_of_gnome | — | — |
| gnome | eye_of_gnome | — | — |
| gnome | eye_of_gnome | — | — |
| gnome | eye_of_gnome | — | — |
| gnome | eye_of_gnome | — | — |
| gnome | eye_of_gnome | — | — |
CVSS provenance
nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv7.5HIGH
vendor_debian7.5HIGH
vendor_redhat7.5HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Eye of GNOME vulnerability
vendor_ubuntu·2016-08-25
CVE-2016-6855 Eye of GNOME vulnerability
Title: Eye of GNOME vulnerability
Summary: Eye of GNOME could be made to crash or run programs as your login if it
opened a specially crafted image.
It was discovered that Eye of GNOME incorrectly handled certain invalid
UTF-8 strings. If a user were tricked into opening a specially-crafted
image, a remote attacker could use this issue to cause Eye of GNOME to
crash, resulting in a denial of service, or possibly execute arbitrary
code.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
eog: Out-of-bounds write when passing invalid UTF-8 to GMarkup
vendor_redhat·2016-08-19·CVSS 7.5
CVE-2016-6855 [HIGH] CWE-787 eog: Out-of-bounds write when passing invalid UTF-8 to GMarkup
eog: Out-of-bounds write when passing invalid UTF-8 to GMarkup
Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allow remote attackers to cause a denial of service (out-of-bounds write and crash) via vectors involving passing invalid UTF-8 to GMarkup.
Package: eog (Red Hat Enterprise Linux 5) - Not affected
Package: eog (Red Hat Enterprise Linux 6) - Not affected
Package: eog (Red Hat Enterprise Linux 7) - Will not fix
Debian
CVE-2016-6855: eog - Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x ...
vendor_debian·2016·CVSS 7.5
CVE-2016-6855 [HIGH] CVE-2016-6855: eog - Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x ...
Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allow remote attackers to cause a denial of service (out-of-bounds write and crash) via vectors involving passing invalid UTF-8 to GMarkup.
Scope: local
bookworm: resolved (fixed in 3.20.4-1)
bullseye: resolved (fixed in 3.20.4-1)
forky: resolved (fixed in 3.20.4-1)
sid: resolved (fixed in 3.20.4-1)
trixie: resolved (fixed in 3.20.4-1)
GHSA
GHSA-7jwp-58q4-9rxh: Eye of GNOME (aka eog) 3
ghsa_unreviewed·2022-05-14
CVE-2016-6855 [HIGH] CWE-787 GHSA-7jwp-58q4-9rxh: Eye of GNOME (aka eog) 3
Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allow remote attackers to cause a denial of service (out-of-bounds write and crash) via vectors involving passing invalid UTF-8 to GMarkup.
OSV
CVE-2016-6855: Eye of GNOME (aka eog) 3
osv·2016-09-07·CVSS 7.5
CVE-2016-6855 [HIGH] CVE-2016-6855: Eye of GNOME (aka eog) 3
Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allow remote attackers to cause a denial of service (out-of-bounds write and crash) via vectors involving passing invalid UTF-8 to GMarkup.
No detection rules found.
Bugzilla
CVE-2016-6855 eog: Out-of-bounds write when passing invalid UTF-8 to GMarkup
bugzilla·2016-08-22·CVSS 7.5
CVE-2016-6855 [HIGH] CVE-2016-6855 eog: Out-of-bounds write when passing invalid UTF-8 to GMarkup
CVE-2016-6855 eog: Out-of-bounds write when passing invalid UTF-8 to GMarkup
An out-of-bounds write vulnerability in eog was found when processing specially crafted SVG file. Due to passing the error message containing invalid UTF-8 character to GMarkup, out-of-bounds access is triggered.
Upstream bug:
https://bugzilla.gnome.org/show_bug.cgi?id=770143
Upstream patch:
https://git.gnome.org/browse/eog/commit/?id=e99a8c00f959652fe7c10e2fa5a3a7a5c25e6af4
Discussion:
Created eog tracking bugs for this issue:
Affects: fedora-all [bug 1369088]
---
Created attachment 1193475
upstream patch
---
eog-3.20.4-1.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.
---
eog-3.18.3-1.fc23 has been pushed to the Fedora 2
Bugzilla
CVE-2016-6855 eog: Out-of-bounds write when passing invalid UTF-8 to GMarkup [fedora-all]
bugzilla·2016-08-22·CVSS 7.5
CVE-2016-6855 [HIGH] CVE-2016-6855 eog: Out-of-bounds write when passing invalid UTF-8 to GMarkup [fedora-all]
CVE-2016-6855 eog: Out-of-bounds write when passing invalid UTF-8 to GMarkup [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported
http://lists.opensuse.org/opensuse-updates/2016-09/msg00021.htmlhttp://packetstormsecurity.com/files/138486/Gnome-Eye-Of-Gnome-3.10.2-Out-Of-Bounds-Write.htmlhttp://www.securityfocus.com/bid/92616http://www.ubuntu.com/usn/USN-3069-1https://bugzilla.gnome.org/show_bug.cgi?id=770143https://git.gnome.org/browse/eog/commit/?id=e99a8c00f959652fe7c10e2fa5a3a7a5c25e6af4https://git.gnome.org/browse/eog/plain/NEWS?h=3.16.5https://git.gnome.org/browse/eog/plain/NEWS?h=3.18.3https://git.gnome.org/browse/eog/plain/NEWS?h=3.20.4https://lists.debian.org/debian-lts-announce/2020/04/msg00018.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JVINHHR6VJKXTYYMAYKN5GROKHVT4UKB/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T6GFDHLNPUG7JHWM3QLXQNRA7NZGU2KI/https://www.exploit-db.com/exploits/40291/http://lists.opensuse.org/opensuse-updates/2016-09/msg00021.htmlhttp://packetstormsecurity.com/files/138486/Gnome-Eye-Of-Gnome-3.10.2-Out-Of-Bounds-Write.htmlhttp://www.securityfocus.com/bid/92616http://www.ubuntu.com/usn/USN-3069-1https://bugzilla.gnome.org/show_bug.cgi?id=770143https://git.gnome.org/browse/eog/commit/?id=e99a8c00f959652fe7c10e2fa5a3a7a5c25e6af4https://git.gnome.org/browse/eog/plain/NEWS?h=3.16.5https://git.gnome.org/browse/eog/plain/NEWS?h=3.18.3https://git.gnome.org/browse/eog/plain/NEWS?h=3.20.4https://lists.debian.org/debian-lts-announce/2020/04/msg00018.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JVINHHR6VJKXTYYMAYKN5GROKHVT4UKB/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T6GFDHLNPUG7JHWM3QLXQNRA7NZGU2KI/https://www.exploit-db.com/exploits/40291/
2016-09-07
Published