ChBg Remote Buffer Overflow Vulnerability

vendor:

ChBg

by:

7.5

CVSS

HIGH

Remote Buffer Overflow

CWE

Product Name: ChBg

Affected Version From: ChBg 1.5

Affected Version To: Unknown (likely multiple versions affected)

Patch Exists: NO

Related CWE:

CPE:

Metasploit:

Other Scripts:

Platforms Tested:

ChBg Remote Buffer Overflow Vulnerability

ChBg is prone to a remote buffer overflow vulnerability due to a lack of proper boundary checks when copying user-supplied data into sensitive process buffers. This vulnerability can be exploited by an attacker to gain superuser privileges on a vulnerable computer. The vulnerability can be exploited by crafting a malicious scenario file containing a list of pictures to display. When a user processes this file through ChBg, the attacker's instructions may be executed on the vulnerable computer.

Mitigation:

No specific mitigation or remediation information provided.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/11957/info

ChBg is reported prone to a remote buffer overflow vulnerability. This issue arises because the application fails to carry out proper boundary checks before copying user-supplied data in to sensitive process buffers. It is reported that this issue can allow an attacker to gain superuser privileges on a vulnerable computer.

An attacker can exploit this issue by crafting a malicious scenario file. A scenario is a file containing a list of pictures to display.

If a user obtains this file and processes it through ChBg, the attacker-supplied instructions may be executed on the vulnerable computer.

ChBg 1.5 is reported prone to this vulnerability. It is likely that other versions are affected as well.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/24848.zip