Fluid Attacks Database

Description

Stack-based buffer overflow in the glibtop_get_proc_map_s function in libgtop before 2.14.6 (libgtop2) allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a process with a long filename that is mapped in its address space, which triggers the overflow in gnome-system-monitor.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 11	libgtop2	>=0 <2.14.4-3	2.14.4-3
debian 12	libgtop2	>=0 <2.14.4-3	2.14.4-3
debian 13	libgtop2	>=0 <2.14.4-3	2.14.4-3
debian 14	libgtop2	>=0 <2.14.4-3	2.14.4-3

Aliases

1. CVE-2007-02352. NVD-2007-02353. OSV-DEBIAN-2007-02354. OSV-2007-02355. SECURITY-TRACKER-CVE-2007-0235

References

1. https://www.exploit-db.com/exploits/29458

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.