Gnome Eye of Gnome Out-of-bounds-write
Posted on 30 November -0001
<HTML><HEAD><TITLE>Gnome Eye of Gnome Out-of-bounds-write</TITLE><META http-equiv="Content-Type" content="text/html; charset=utf-8"></HEAD><BODY># Exploit Title: Gnome Eye of Gnome Out-of-bounds-write # Exploit Author: Kaslov Dmitri # Vendor Homepage: https://wiki.gnome.org/Apps/EyeOfGnome # Version: 3.10.2 # Tested on: Ubuntu 14.04 LTS # CVE: CVE-2016-6855 Proof of Concept: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40291.zip Reported: 19-August-2016 Fixed: 21-Agugst-2016 (fix will go into next software release) GMarkup requires valid UTF8 input strings and would cause odd looking messages if given invalid input. This could also trigger an out-of-bounds write in glib before 2.44.1 </BODY></HTML>