Multiple gpsd Products CVE-2018-17937 Stack-Based Buffer Overflow Vulnerability
BID:107029
CVE-2018-17937 |Info
Multiple gpsd Products CVE-2018-17937 Stack-Based Buffer Overflow Vulnerability
| Bugtraq ID: | 107029 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2018-17937 |
| Remote: | No |
| Local: | Yes |
| Published: | Feb 14 2019 12:00AM |
| Updated: | Feb 14 2019 12:00AM |
| Credit: | GE Digital Cyber Security Services |
| Vulnerable: |
Gpsd Project microjson 1.3 Gpsd Project microjson 1.0 Gpsd Project Gpsd 3.1.4 Gpsd Project Gpsd 3.0.1 Gpsd Project Gpsd 3.9 Gpsd Project Gpsd 3.8 Gpsd Project Gpsd 3.7 Gpsd Project Gpsd 3.6 Gpsd Project Gpsd 3.4 Gpsd Project Gpsd 3.3 Gpsd Project Gpsd 3.2 Gpsd Project Gpsd 3.17 Gpsd Project Gpsd 2.90 |
| Not Vulnerable: |
Gpsd Project microjson 1.4 Gpsd Project Gpsd 3.18 |
Discussion
Multiple gpsd Products CVE-2018-17937 Stack-Based Buffer Overflow Vulnerability
Multiple gpsd Products are prone to an stack-based buffer overflow vulnerability.
Successfully exploiting this vulnerability can allow remote attackers to execute arbitrary code in the context of the application. Failed attempts will likely result in denial-of-service conditions.
The following products are affected:
gpsd versions 2.90 through 3.17
microjson versions 1.0 through 1.3
Multiple gpsd Products are prone to an stack-based buffer overflow vulnerability.
Successfully exploiting this vulnerability can allow remote attackers to execute arbitrary code in the context of the application. Failed attempts will likely result in denial-of-service conditions.
The following products are affected:
gpsd versions 2.90 through 3.17
microjson versions 1.0 through 1.3
References
Multiple gpsd Products CVE-2018-17937 Stack-Based Buffer Overflow Vulnerability
References:
References:
- /releases/gpsd/ (gpsd)
- gpsd Home Page (gpsd)
- microjson Homepage (catb.org)