3.7 Low
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
0.4%
The libgtop2 package contains a library for obtaining information about a
running system, such as cpu, memory and disk usage; active processes; and
PIDs.
A flaw was found in the way libgtop2 handled long filenames mapped
into the address space of a process. An attacker could execute arbitrary
code on behalf of the user running gnome-system-monitor by executing a
process and mapping a file with a specially crafted name into the
processes’ address space. (CVE-2007-0235)
This update also fixes the following bug:
All users of gnome-system-monitor are advised to upgrade to this updated
libgtop2 package, which contains backported patches that resolve these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | ppc | libgtop2-devel | < 2.8.0-1.0.2 | libgtop2-devel-2.8.0-1.0.2.ppc.rpm |
RedHat | any | src | libgtop2 | < 2.8.0-1.0.2 | libgtop2-2.8.0-1.0.2.src.rpm |
RedHat | any | s390x | libgtop2-devel | < 2.8.0-1.0.2 | libgtop2-devel-2.8.0-1.0.2.s390x.rpm |
RedHat | any | ia64 | libgtop2-devel | < 2.8.0-1.0.2 | libgtop2-devel-2.8.0-1.0.2.ia64.rpm |
RedHat | any | s390x | libgtop2 | < 2.8.0-1.0.2 | libgtop2-2.8.0-1.0.2.s390x.rpm |
RedHat | any | x86_64 | libgtop2-devel | < 2.8.0-1.0.2 | libgtop2-devel-2.8.0-1.0.2.x86_64.rpm |
RedHat | any | ppc | libgtop2 | < 2.8.0-1.0.2 | libgtop2-2.8.0-1.0.2.ppc.rpm |
RedHat | any | ppc64 | libgtop2 | < 2.8.0-1.0.2 | libgtop2-2.8.0-1.0.2.ppc64.rpm |
RedHat | any | s390 | libgtop2-devel | < 2.8.0-1.0.2 | libgtop2-devel-2.8.0-1.0.2.s390.rpm |
RedHat | any | x86_64 | libgtop2 | < 2.8.0-1.0.2 | libgtop2-2.8.0-1.0.2.x86_64.rpm |