exploitDog

CVE-2024-36474

Published: 03 Oct 2024
Source: redhat
CVSS3: 8.4
EPSS: Low

Description

An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library (libgsf) version v1.14.52. A specially crafted file can result in an integer overflow when processing the directory from the file that allows for an out-of-bounds index to be used when reading and writing to an array. This can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library (libgsf). A specially crafted file can result in an integer overflow when processing the directory from the file, allowing an out-of-bounds index to be used when reading and writing to an array. This issue can lead to arbitrary code execution.

Report

This vulnerability should be classified as important severity rather than moderate due to the potential impact of the integer overflow, which can lead to arbitrary code execution. The flaw arises in the core parsing logic of the Compound Document Binary File (CDF) format within libgsf, a widely used library for handling structured file formats. An attacker can exploit this by crafting a malicious file that triggers an out-of-bounds memory write, leading to memory corruption. Since this can result in control over execution flow, the vulnerability opens up the risk for remote code execution in applications that rely on libgsf for file handling, making it more dangerous than a moderate-level issue. Additionally, as CDF formats are used in common file types (e.g., Microsoft Office documents), this vulnerability could easily be weaponized through social engineering attacks such as phishing.

Mitigation

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Affected packages

| Platform | Package | State | Recommendation | Release |
| --- | --- | --- | --- | --- |
| Red Hat Enterprise Linux 6 | libgsf | Not affected | | |
| Red Hat Enterprise Linux 7 | libgsf | Not affected | | |
| Red Hat Enterprise Linux 8 | libgsf | Not affected | | |
| Red Hat Enterprise Linux 9 | libgsf | Not affected | | |

Additional information

Status: Important
Defect: CWE-190
https://bugzilla.redhat.com/show_bug.cgi?id=2316311 libgsf: Compound Document Binary File Directory integer overflow vulnerability

EPSS: 0.00034 (Low), percentile: 8%

CVSS3: 8.4 High

Related vulnerabilities

CVSS3: 8.4
ubuntu
9 months ago

An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library (libgsf) version v1.14.52. A specially crafted file can result in an integer overflow when processing the directory from the file that allows for an out-of-bounds index to be used when reading and writing to an array. This can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

CVSS3: 8.4
nvd
9 months ago

An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library (libgsf) version v1.14.52. A specially crafted file can result in an integer overflow when processing the directory from the file that allows for an out-of-bounds index to be used when reading and writing to an array. This can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

CVSS3: 8.4
debian
9 months ago

An integer overflow vulnerability exists in the Compound Document Bina ...

CVSS3: 8.4
github
9 months ago

An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library (libgsf) version v1.14.52. A specially crafted file can result in an integer overflow when processing the directory from the file that allows for an out-of-bounds index to be used when reading and writing to an array. This can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

CVSS3: 7.8
fstec
10 months ago

A vulnerability in the GNOME Project G structured file library libgsf, related to an integer overflow, allowing an attacker to execute arbitrary code
