CVE-2016-6855

First published: Wed Sep 07 2016(Updated: )

Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allow remote attackers to cause a denial of service (out-of-bounds write and crash) via vectors involving passing invalid UTF-8 to GMarkup.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Fedoraproject Fedora	=23
Fedoraproject Fedora	=24
openSUSE Leap	=42.1
openSUSE openSUSE	=13.2
Canonical Ubuntu Linux	=12.04
Canonical Ubuntu Linux	=14.04
Canonical Ubuntu Linux	=16.04
Gnome Eye Of Gnome	=3.16.5
Gnome Eye Of Gnome	=3.17.1
Gnome Eye Of Gnome	=3.17.2
Gnome Eye Of Gnome	=3.17.3
Gnome Eye Of Gnome	=3.17.90
Gnome Eye Of Gnome	=3.17.91
Gnome Eye Of Gnome	=3.17.92
Gnome Eye Of Gnome	=3.18.0
Gnome Eye Of Gnome	=3.18.1
Gnome Eye Of Gnome	=3.18.2
Gnome Eye Of Gnome	=3.19.1
Gnome Eye Of Gnome	=3.19.2
Gnome Eye Of Gnome	=3.19.3
Gnome Eye Of Gnome	=3.19.4
Gnome Eye Of Gnome	=3.19.90
Gnome Eye Of Gnome	=3.19.91
Gnome Eye Of Gnome	=3.19.92
Gnome Eye Of Gnome	=3.20.0
Gnome Eye Of Gnome	=3.20.1
Gnome Eye Of Gnome	=3.20.2
Gnome Eye Of Gnome	=3.20.3
GNOME GLib	=2.44.0

Remedy

https://git.gnome.org/browse/eog/commit/?id=e99a8c00f959652fe7c10e2fa5a3a7a5c25e6af4

Never miss a vulnerability like this again

Reference Links

agent/type
agent/last-modified-date
agent/first-publish-date
agent/references
agent/severity
agent/weakness
agent/author
agent/remedy
agent/description
agent/event
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
agent/softwarecombine
collector/mitre-cve
source/MITRE
vendor/fedoraproject
canonical/fedoraproject fedora
version/fedoraproject fedora/23
version/fedoraproject fedora/24
vendor/opensuse
canonical/opensuse leap
version/opensuse leap/42.1
canonical/opensuse opensuse
version/opensuse opensuse/13.2
vendor/canonical
canonical/canonical ubuntu linux
version/canonical ubuntu linux/12.04
version/canonical ubuntu linux/14.04
version/canonical ubuntu linux/16.04
vendor/gnome
canonical/gnome eye of gnome
version/gnome eye of gnome/3.16.5
version/gnome eye of gnome/3.17.1
version/gnome eye of gnome/3.17.2
version/gnome eye of gnome/3.17.3
version/gnome eye of gnome/3.17.90
version/gnome eye of gnome/3.17.91
version/gnome eye of gnome/3.17.92
version/gnome eye of gnome/3.18.0
version/gnome eye of gnome/3.18.1
version/gnome eye of gnome/3.18.2
version/gnome eye of gnome/3.19.1
version/gnome eye of gnome/3.19.2
version/gnome eye of gnome/3.19.3
version/gnome eye of gnome/3.19.4
version/gnome eye of gnome/3.19.90
version/gnome eye of gnome/3.19.91
version/gnome eye of gnome/3.19.92
version/gnome eye of gnome/3.20.0
version/gnome eye of gnome/3.20.1
version/gnome eye of gnome/3.20.2
version/gnome eye of gnome/3.20.3
canonical/gnome glib
version/gnome glib/2.44.0

CVE-2016-6855

Remedy

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact