#VU10252 Stack-based buffer overflow in gcab - CVE-2018-5345

Cybersecurity Help s.r.o.

Published: 2018-01-25

Vulnerability identifier: #VU10252

Vulnerability risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2018-5345

CWE-ID: CWE-121

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
gcab
Client/Desktop applications / Other client software

Vendor: Gnome Development Team

Description
The vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.

The weakness exists due to stack-based buffer overflow when handling malicious input. A remote attacker can trick the victim into opening a specially crafted .cab file, trigger memory corruptions and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation
Update to the latest version.

Vulnerable software versions

gcab: 0.7.0 - 0.7.4

External links
https://bugzilla.redhat.com/show_bug.cgi?id=1527296

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Red Hat update for gcab

Debian update for gcab

Ubuntu update for gcab