7.3 High
AI Score
Confidence
High
3.7 Low
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
19.4%
Stack-based buffer overflow in the glibtop_get_proc_map_s function in libgtop before 2.14.6 (libgtop2) allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a process with a long filename that is mapped in its address space, which triggers the overflow in gnome-system-monitor.
CPE | Name | Operator | Version |
---|---|---|---|
libgtop:libgtop | libgtop | le | 2.14.5 |
bugzilla.gnome.org/show_bug.cgi?id=396477
ftp.gnome.org/pub/gnome/sources/libgtop/2.14/libgtop-2.14.6.news
osvdb.org/32815
secunia.com/advisories/23736
secunia.com/advisories/23777
secunia.com/advisories/23814
secunia.com/advisories/23840
secunia.com/advisories/23872
secunia.com/advisories/24015
secunia.com/advisories/26367
security.gentoo.org/glsa/glsa-200701-17.xml
www.debian.org/security/2007/dsa-1255
www.mandriva.com/security/advisories?name=MDKSA-2007:023
www.redhat.com/support/errata/RHSA-2007-0765.html
www.securityfocus.com/bid/22054
www.securitytracker.com/id?1018526
www.ubuntu.com/usn/usn-407-1
www.vupen.com/english/advisories/2007/0185
www.vupen.com/english/advisories/2007/0187
exchange.xforce.ibmcloud.com/vulnerabilities/31522
issues.rpath.com/browse/RPL-972
launchpad.net/bugs/79206
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10720