PT-1999-1732 · Gnome+1 · Gnome Libraries+1

Published

1999-09-23

Updated

2017-12-19

CVE-1999-1477

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: GNOME libraries version 1.0.8

Description: A buffer overflow issue in GNOME libraries allows a local user to gain root access by providing a long --espeaker argument in certain programs, such as nethack.

Recommendations: For GNOME libraries version 1.0.8, avoid using the --espeaker argument with long input in programs like nethack until a patch is available. As a temporary workaround, consider restricting access to programs that utilize the vulnerable GNOME libraries to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-1999-1477

Affected Products

Gnome Libraries

Nethack

PT-1999-1732 · Gnome+1 · Gnome Libraries+1

CVE-1999-1477

Related Identifiers

Affected Products

References · 5