Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200505-08] HT Editor: Multiple buffer overflows Vulnerability Scan
Vulnerability Scan Summary
HT Editor: Multiple buffer overflows
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200505-08
(HT Editor: Multiple buffer overflows)
Tavis Ormandy of the Gentoo Linux Security Team discovered an
integer overflow in the ELF parser, leading to a heap-based buffer
overflow. The vendor has reported that an unrelated buffer overflow has
been discovered in the PE parser.
Successful exploitation would require the victim to open a
specially crafted file using HT, potentially permitting a possible hacker to
execute arbitrary code.
There is no known workaround at this time.
All hteditor users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-editors/hteditor-0.8.0-r2"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.