An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library (libgsf) version v1.14.52. A specially crafted file can result in an integer overflow when processing the directory from the file that allows for an out-of-bounds index to be used when reading and writing to an array. This can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
{ "ubuntu_priority": "medium", "availability": "No subscription required", "binaries": [ { "binary_name": "gir1.2-gsf-1", "binary_version": "1.14.46-1ubuntu0.1" }, { "binary_name": "libgsf-1-114", "binary_version": "1.14.46-1ubuntu0.1" }, { "binary_name": "libgsf-1-114-dbgsym", "binary_version": "1.14.46-1ubuntu0.1" }, { "binary_name": "libgsf-1-common", "binary_version": "1.14.46-1ubuntu0.1" }, { "binary_name": "libgsf-1-dev", "binary_version": "1.14.46-1ubuntu0.1" }, { "binary_name": "libgsf-bin", "binary_version": "1.14.46-1ubuntu0.1" }, { "binary_name": "libgsf-bin-dbgsym", "binary_version": "1.14.46-1ubuntu0.1" } ] }
{ "ubuntu_priority": "medium", "availability": "No subscription required", "binaries": [ { "binary_name": "gir1.2-gsf-1", "binary_version": "1.14.47-1ubuntu0.1" }, { "binary_name": "libgsf-1-114", "binary_version": "1.14.47-1ubuntu0.1" }, { "binary_name": "libgsf-1-114-dbgsym", "binary_version": "1.14.47-1ubuntu0.1" }, { "binary_name": "libgsf-1-common", "binary_version": "1.14.47-1ubuntu0.1" }, { "binary_name": "libgsf-1-dev", "binary_version": "1.14.47-1ubuntu0.1" }, { "binary_name": "libgsf-bin", "binary_version": "1.14.47-1ubuntu0.1" }, { "binary_name": "libgsf-bin-dbgsym", "binary_version": "1.14.47-1ubuntu0.1" } ] }
{ "ubuntu_priority": "medium", "availability": "No subscription required", "binaries": [ { "binary_name": "gir1.2-gsf-1", "binary_version": "1.14.52-1ubuntu0.1" }, { "binary_name": "libgsf-1-114", "binary_version": "1.14.52-1ubuntu0.1" }, { "binary_name": "libgsf-1-114-dbgsym", "binary_version": "1.14.52-1ubuntu0.1" }, { "binary_name": "libgsf-1-common", "binary_version": "1.14.52-1ubuntu0.1" }, { "binary_name": "libgsf-1-dev", "binary_version": "1.14.52-1ubuntu0.1" }, { "binary_name": "libgsf-bin", "binary_version": "1.14.52-1ubuntu0.1" }, { "binary_name": "libgsf-bin-dbgsym", "binary_version": "1.14.52-1ubuntu0.1" } ] }
{ "ubuntu_priority": "medium", "availability": "No subscription required", "binaries": [ { "binary_name": "gir1.2-gsf-1", "binary_version": "1.14.51-2ubuntu0.1" }, { "binary_name": "libgsf-1-114", "binary_version": "1.14.51-2ubuntu0.1" }, { "binary_name": "libgsf-1-114-dbgsym", "binary_version": "1.14.51-2ubuntu0.1" }, { "binary_name": "libgsf-1-common", "binary_version": "1.14.51-2ubuntu0.1" }, { "binary_name": "libgsf-1-dev", "binary_version": "1.14.51-2ubuntu0.1" }, { "binary_name": "libgsf-bin", "binary_version": "1.14.51-2ubuntu0.1" }, { "binary_name": "libgsf-bin-dbgsym", "binary_version": "1.14.51-2ubuntu0.1" } ] }
{ "ubuntu_priority": "medium", "availability": "No subscription required", "binaries": [ { "binary_name": "gir1.2-gsf-1", "binary_version": "1.14.52-1ubuntu0.1" }, { "binary_name": "libgsf-1-114", "binary_version": "1.14.52-1ubuntu0.1" }, { "binary_name": "libgsf-1-114-dbgsym", "binary_version": "1.14.52-1ubuntu0.1" }, { "binary_name": "libgsf-1-common", "binary_version": "1.14.52-1ubuntu0.1" }, { "binary_name": "libgsf-1-dev", "binary_version": "1.14.52-1ubuntu0.1" }, { "binary_name": "libgsf-bin", "binary_version": "1.14.52-1ubuntu0.1" }, { "binary_name": "libgsf-bin-dbgsym", "binary_version": "1.14.52-1ubuntu0.1" } ] }