ByteOS Network

CVE Vulnerability Details :

CVE-2017-2885

PUBLISHED

More Info Official Page

Assigner-talos

Assigner Org ID-b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b

Published At-24 Apr, 2018 | 19:00

Updated At-17 Sep, 2024 | 03:32

▼CVE Numbering Authority (CNA)

An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58. A specially crafted HTTP request can cause a stack overflow resulting in remote code execution. An attacker can send a special HTTP request to the vulnerable server to trigger this vulnerability.

Affected Products

Vendor

The GNOME Project

Product

libsoup

Versions

Affected

2.58

Problem Types

Type	CWE ID	Description
text	N/A	buffer overflow

Type: text

CWE ID: N/A

Description: buffer overflow

Metrics

Version	Base score	Base severity	Vector
3.0	9.8	CRITICAL	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Version: 3.0

Base score: 9.8

Base severity: CRITICAL

Vector:

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

Hyperlink	Resource
https://access.redhat.com/errata/RHSA-2017:2459	vendor-advisory x_refsource_REDHAT
https://www.debian.org/security/2017/dsa-3929	vendor-advisory x_refsource_DEBIAN
http://www.securityfocus.com/bid/100258	vdb-entry x_refsource_BID
http://seclists.org/fulldisclosure/2020/Dec/3	mailing-list x_refsource_FULLDISC
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0392	x_refsource_MISC
http://packetstormsecurity.com/files/160388/ProCaster-LE-32F430-GStreamer-souphttpsrc-libsoup-2.51.3-Stack-Overflow.html	x_refsource_MISC

Hyperlink: https://access.redhat.com/errata/RHSA-2017:2459

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: https://www.debian.org/security/2017/dsa-3929

Resource:

vendor-advisory

x_refsource_DEBIAN

Hyperlink: http://www.securityfocus.com/bid/100258

Resource:

vdb-entry

x_refsource_BID

Hyperlink: http://seclists.org/fulldisclosure/2020/Dec/3

Resource:

mailing-list

x_refsource_FULLDISC

Hyperlink: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0392

Resource:

x_refsource_MISC

Hyperlink: http://packetstormsecurity.com/files/160388/ProCaster-LE-32F430-GStreamer-souphttpsrc-libsoup-2.51.3-Stack-Overflow.html

Resource:

x_refsource_MISC

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
https://access.redhat.com/errata/RHSA-2017:2459	vendor-advisory x_refsource_REDHAT x_transferred
https://www.debian.org/security/2017/dsa-3929	vendor-advisory x_refsource_DEBIAN x_transferred
http://www.securityfocus.com/bid/100258	vdb-entry x_refsource_BID x_transferred
http://seclists.org/fulldisclosure/2020/Dec/3	mailing-list x_refsource_FULLDISC x_transferred
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0392	x_refsource_MISC x_transferred
http://packetstormsecurity.com/files/160388/ProCaster-LE-32F430-GStreamer-souphttpsrc-libsoup-2.51.3-Stack-Overflow.html	x_refsource_MISC x_transferred

Hyperlink: https://access.redhat.com/errata/RHSA-2017:2459

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: https://www.debian.org/security/2017/dsa-3929

Resource:

vendor-advisory

x_refsource_DEBIAN

x_transferred

Hyperlink: http://www.securityfocus.com/bid/100258

Resource:

vdb-entry

x_refsource_BID

x_transferred

Hyperlink: http://seclists.org/fulldisclosure/2020/Dec/3

Resource:

mailing-list

x_refsource_FULLDISC

x_transferred

Hyperlink: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0392

Resource:

x_refsource_MISC

x_transferred

Hyperlink: http://packetstormsecurity.com/files/160388/ProCaster-LE-32F430-GStreamer-souphttpsrc-libsoup-2.51.3-Stack-Overflow.html

Resource:

x_refsource_MISC

x_transferred

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References