#VU7866 Stack-based buffer overflow in libsoup - CVE-2017-2885
Published: August 15, 2017
Vulnerability identifier: #VU7866
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber
CVE-ID: CVE-2017-2885
CWE-ID: CWE-121
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
libsoup
libsoup
Software vendor:
Gnome Development Team
Gnome Development Team
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists in the in the libsoup library for GNOME due to improper bounds checking when processing a crafted HTTP request containing chunk encoded data. A remote attacker can send a specially crafted HTTP request, trigger a stack-based buffer overflow condition in the soup_body_input_stream_read_chunked function in the libsoup/soup-body-input-stream.c code and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
The weakness exists in the in the libsoup library for GNOME due to improper bounds checking when processing a crafted HTTP request containing chunk encoded data. A remote attacker can send a specially crafted HTTP request, trigger a stack-based buffer overflow condition in the soup_body_input_stream_read_chunked function in the libsoup/soup-body-input-stream.c code and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
Remediation
The vulnerability is addressed in the following versions: 2.59.90.1, 2.58.2, and 2.56.1.