CVE-2018-5345

Priority
High
Description
A stack-based buffer overflow within GNOME gcab through 0.7.4 can be
exploited by malicious attackers to cause a crash or, potentially, execute
arbitrary code via a crafted .cab file.
References
Bugs
Assigned-to
mdeslaur
Package
Source: gcab (LP Ubuntu Debian)
Upstream:released (0.7-7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (0.7-1ubuntu0.1)
Ubuntu 17.10 (Artful Aardvark):released (0.7-4ubuntu0.1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (0.7-7)
Patches:
Upstream:https://git.gnome.org/browse/gcab/commit/?id=bd2abee5f0a9b5cbe3a1ab1f338c4fb8f6ca797b
More Information

Updated: 2018-06-26 05:03:07 UTC (commit 7799c934cca373482531a7b00e4dfe82302ceae5)