← back
CVE-2017-2885

CVE-2017-2885

CVSS 9.8 CRITICALEPSS 24.6%
An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58. A specially crafted HTTP request can cause a stack overflow resulting in remote code execution. An attacker can send a special HTTP request to the vulnerable server to trigger this vulnerability.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
GNOME · libsoup
public PoCs found1
cve_referencepacketstormsecurity.com/files/160388/ProCaster-LE-32F430-GStreamer-souphttpsrc-libsoup-2.51.3-Stack-Overflow.htmlunverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/160388/ProCaster-LE-32F430-GStreamer-souphttpsrc-libsoup-2.51.3-Stack-Overflow.htmlhttps://access.redhat.com/errata/RHSA-2017:2459http://seclists.org/fulldisclosure/2020/Dec/3https://www.debian.org/security/2017/dsa-3929https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0392http://www.securityfocus.com/bid/100258