PT-2018-1887 · Gnome+2 · Gnome Librsvg+2

Alex Birsan

Publicado

2017-12-31

Atualizado

2019-10-03

CVE-2018-1000041

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions GNOME librsvg versions prior to commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea

Description The issue is related to improper input validation in the rsvg-io.c file, which can lead to the leakage of a victim's Windows username and NTLM password hash to remote attackers through SMB. This can be exploited by processing a specially crafted SVG file containing a UNC path on Windows. The vulnerability is associated with an error in input data validation, allowing a remote attacker to intercept the victim's Windows username and NTLM password hash via SMB.

Recommendations For versions prior to commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea, consider avoiding the processing of SVG files from untrusted sources until a patch is available. As a temporary workaround, restrict access to SMB shares to minimize the risk of exploitation.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-255

Identificadores relacionados

ALT-PU-2017-2857

BDU:2018-01491

CVE-2018-1000041

DLA-1278-1

MGASA-2018-0291

MGASA-2018-0297

OPENSUSE-SU-2018_1310-1

SUSE-SU-2018:1288-1

SUSE-SU-2018_1288-1

Produtos afetados

Alt Linux

Gnome Librsvg

Suse

PT-2018-1887 · Gnome+2 · Gnome Librsvg+2

CVE-2018-1000041

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 26