CVE-2016-6855

Published on: 09/07/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:11 PM UTC

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Certain versions of Ubuntu Linux from Canonical contain the following vulnerability:

Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allow remote attackers to cause a denial of service (out-of-bounds write and crash) via vectors involving passing invalid UTF-8 to GMarkup.

  • CVE-2016-6855 has been assigned by URL Logo [email protected] to track the vulnerability - currently rated as HIGH severity.

CVSS3 Score: 7.5 - HIGH

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
NETWORK LOW NONE NONE
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED NONE NONE HIGH

CVSS2 Score: 5 - MEDIUM

Access
Vector
Access
Complexity
Authentication
NETWORK LOW NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
NONE NONE PARTIAL

CVE References

Description Tags Link
eog - Browse and rotate images Issue Tracking
Patch
git.gnome.org
text/html
URL Logo CONFIRM git.gnome.org/browse/eog/commit/?id=e99a8c00f959652fe7c10e2fa5a3a7a5c25e6af4
openSUSE-SU-2016:2242-1: moderate: Security update for eog Third Party Advisory
lists.opensuse.org
text/html
URL Logo SUSE openSUSE-SU-2016:2242
[SECURITY] [DLA 2185-1] eog security update lists.debian.org
text/html
URL Logo MLIST [debian-lts-announce] 20200425 [SECURITY] [DLA 2185-1] eog security update
[SECURITY] Fedora 24 Update: eog-3.20.4-1.fc24 - package-announce - Fedora Mailing-Lists Third Party Advisory
lists.fedoraproject.org
text/html
URL Logo FEDORA FEDORA-2016-5abbc35b6a
Gnome Eye Of Gnome 3.10.2 Out-Of-Bounds Write ≈ Packet Storm Exploit
Third Party Advisory
VDB Entry
packetstormsecurity.com
text/html
URL Logo MISC packetstormsecurity.com/files/138486/Gnome-Eye-Of-Gnome-3.10.2-Out-Of-Bounds-Write.html
USN-3069-1: Eye of GNOME vulnerability | Ubuntu Third Party Advisory
www.ubuntu.com
text/html
URL Logo UBUNTU USN-3069-1
Release Notes
git.gnome.org
text/plain
URL Logo CONFIRM git.gnome.org/browse/eog/plain/NEWS?h=3.18.3
[SECURITY] Fedora 23 Update: eog-3.18.3-1.fc23 - package-announce - Fedora Mailing-Lists Third Party Advisory
lists.fedoraproject.org
text/html
URL Logo FEDORA FEDORA-2016-0f8779baa6
Eye of Gnome 3.10.2 - GMarkup Out of Bounds Write - Linux dos Exploit www.exploit-db.com
Proof of Concept
text/html
URL Logo EXPLOIT-DB 40291
Bug 770143 – CVE-2016-6855 out-of-bounds write in eog 3.10.2 Issue Tracking
bugzilla.gnome.org
text/html
URL Logo CONFIRM bugzilla.gnome.org/show_bug.cgi?id=770143
Gnome Eye Of Gnome CVE-2016-6855 Out of Bounds Write Denial of Service Vulnerability Third Party Advisory
VDB Entry
cve.report (archive)
text/html
URL Logo BID 92616
Release Notes
git.gnome.org
text/plain
URL Logo CONFIRM git.gnome.org/browse/eog/plain/NEWS?h=3.20.4
Release Notes
git.gnome.org
text/plain
URL Logo CONFIRM git.gnome.org/browse/eog/plain/NEWS?h=3.16.5

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
Operating
System
CanonicalUbuntu Linux12.04AllAllAll
Operating
System
CanonicalUbuntu Linux14.04AllAllAll
Operating
System
CanonicalUbuntu Linux16.04AllAllAll
Operating
System
CanonicalUbuntu Linux12.04AllAllAll
Operating
System
CanonicalUbuntu Linux14.04AllAllAll
Operating
System
CanonicalUbuntu Linux16.04AllAllAll
Operating
System
FedoraprojectFedora23AllAllAll
Operating
System
FedoraprojectFedora24AllAllAll
Operating
System
FedoraprojectFedora23AllAllAll
Operating
System
FedoraprojectFedora24AllAllAll
ApplicationGnomeEye Of Gnome3.16.5AllAllAll
ApplicationGnomeEye Of Gnome3.17.1AllAllAll
ApplicationGnomeEye Of Gnome3.17.2AllAllAll
ApplicationGnomeEye Of Gnome3.17.3AllAllAll
ApplicationGnomeEye Of Gnome3.17.90AllAllAll
ApplicationGnomeEye Of Gnome3.17.91AllAllAll
ApplicationGnomeEye Of Gnome3.17.92AllAllAll
ApplicationGnomeEye Of Gnome3.18.0AllAllAll
ApplicationGnomeEye Of Gnome3.18.1AllAllAll
ApplicationGnomeEye Of Gnome3.18.2AllAllAll
ApplicationGnomeEye Of Gnome3.19.1AllAllAll
ApplicationGnomeEye Of Gnome3.19.2AllAllAll
ApplicationGnomeEye Of Gnome3.19.3AllAllAll
ApplicationGnomeEye Of Gnome3.19.4AllAllAll
ApplicationGnomeEye Of Gnome3.19.90AllAllAll
ApplicationGnomeEye Of Gnome3.19.91AllAllAll
ApplicationGnomeEye Of Gnome3.19.92AllAllAll
ApplicationGnomeEye Of Gnome3.20.0AllAllAll
ApplicationGnomeEye Of Gnome3.20.1AllAllAll
ApplicationGnomeEye Of Gnome3.20.2AllAllAll
ApplicationGnomeEye Of Gnome3.20.3AllAllAll
ApplicationGnomeEye Of Gnome3.16.5AllAllAll
ApplicationGnomeEye Of Gnome3.17.1AllAllAll
ApplicationGnomeEye Of Gnome3.17.2AllAllAll
ApplicationGnomeEye Of Gnome3.17.3AllAllAll
ApplicationGnomeEye Of Gnome3.17.90AllAllAll
ApplicationGnomeEye Of Gnome3.17.91AllAllAll
ApplicationGnomeEye Of Gnome3.17.92AllAllAll
ApplicationGnomeEye Of Gnome3.18.0AllAllAll
ApplicationGnomeEye Of Gnome3.18.1AllAllAll
ApplicationGnomeEye Of Gnome3.18.2AllAllAll
ApplicationGnomeEye Of Gnome3.19.1AllAllAll
ApplicationGnomeEye Of Gnome3.19.2AllAllAll
ApplicationGnomeEye Of Gnome3.19.3AllAllAll
ApplicationGnomeEye Of Gnome3.19.4AllAllAll
ApplicationGnomeEye Of Gnome3.19.90AllAllAll
ApplicationGnomeEye Of Gnome3.19.91AllAllAll
ApplicationGnomeEye Of Gnome3.19.92AllAllAll
ApplicationGnomeEye Of Gnome3.20.0AllAllAll
ApplicationGnomeEye Of Gnome3.20.1AllAllAll
ApplicationGnomeEye Of Gnome3.20.2AllAllAll
ApplicationGnomeEye Of Gnome3.20.3AllAllAll
ApplicationGnomeGlib2.44.0AllAllAll
ApplicationGnomeGlib2.44.0AllAllAll
Operating
System
OpensuseLeap42.1AllAllAll
Operating
System
OpensuseLeap42.1AllAllAll
Operating
System
OpensuseOpensuse13.2AllAllAll
Operating
System
OpensuseOpensuse13.2AllAllAll
  • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*:
  • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*:
  • cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*:
  • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*:
  • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*:
  • cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*:
  • cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*:
  • cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*:
  • cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*:
  • cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.16.5:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.17.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.17.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.17.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.17.90:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.17.91:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.17.92:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.18.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.18.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.18.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.19.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.19.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.19.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.19.4:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.19.90:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.19.91:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.19.92:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.20.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.20.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.20.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.20.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.16.5:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.17.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.17.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.17.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.17.90:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.17.91:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.17.92:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.18.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.18.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.18.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.19.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.19.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.19.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.19.4:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.19.90:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.19.91:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.19.92:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.20.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.20.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.20.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:eye_of_gnome:3.20.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:glib:2.44.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:gnome:glib:2.44.0:*:*:*:*:*:*:*:
  • cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*:
  • cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*:
  • cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*:
  • cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*: