CVE-2007-0235

Published: 16/01/2007 Updated: 11/10/2017
CVSS v2 Base Score: 3.7 | Impact Score: 6.4 | Exploitability Score: 1.9
VMScore: 375
Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P

Vulnerability Summary

Stack-based buffer overflow in the glibtop_get_proc_map_s function in libgtop prior to 2.14.6 (libgtop2) allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a process with a long filename that is mapped in its address space, which triggers the overflow in gnome-system-monitor.

Vulnerable Product

libgtop libgtop

Vendor Advisories

Liu Qishuai discovered that the GNOME gtop library performs insufficient sanitising when parsing the system's /proc table, which may lead to the execution of arbitrary code. For the stable distribution (sarge) this problem has been fixed in version 260-4sarge1. For the upcoming stable distribution (etch) this problem has been fixed in version 21 ...

Exploits

source: www.securityfocus.com/bid/22054/info

The 'libgtop2' library is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying into an insufficiently sized memory buffer. An attacker may exploit this issue by enticing victims into viewing a maliciously crafted system proce ...