#VU8430 Out-of-bounds write in LibOFX - CVE-2017-2816


Vulnerability identifier: #VU8430

Vulnerability risk: High

CVSSv4.0: 7.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]

CVE-ID: CVE-2017-2816

CWE-ID: CWE-787

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
LibOFX
Universal components / Libraries / Libraries used by multiple products

Vendor: GNU

Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists in the tag parsing functionality due to out-of-bounds write when handling malicious input. A remote attacker can trick the victim into opening a specially crafted OFX file, trigger stack-based buffer overflow and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation
Cybersecurity Help is currently unaware of any official patch addressing the vulnerability.

Vulnerable software versions

LibOFX: 0.9.11

External links
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0317

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.


Latest bulletins with this vulnerability


Gentoo update for libofx
OpenSUSE Linux update for libofx
Fedora 28 update for libofx
Fedora 27 update for libofx
Fedora 26 update for libofx
Fedora EPEL 7 update for libofx
Arch Linux update for libofx
Remote code execution in GNU LibOFX