Main Vulnerability Database Exploits ID:1175 - Exploit for Heap-based buffer overflow in SAPCAR - CVE-2017-8852

ID:1175 - Exploit for Heap-based buffer overflow in SAPCAR - CVE-2017-8852

Published: March 18, 2020

Vulnerability identifier: #VU6510

Vulnerability risk: Low

CVE-ID: CVE-2017-8852

CWE-ID: CWE-122

Exploitation vector: Local access

Vulnerable software:
SAPCAR

Link to public exploit:

https://www.exploit-db.com/exploits/41991/

Vulnerability description

The vulnerability allows a local attacker to execute arbitrary code on the target system.

The vulnerability exists due to heap-based buffer overflow when parsing malicious content. A local attacker can submit a specially crafted CAR archive file, trigger memory corruption and execute arbitrary code on the target system with root privileges.

Successful exploitation of this vulnerability may result in system compromise.

Remediation

Install update from vendor's website.

ID:1175 - Exploit for Heap-based buffer overflow in SAPCAR - CVE-2017-8852

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human