High severity7.5NVD Advisory· Published Sep 7, 2016· Updated Jun 17, 2026
CVE-2016-6855
CVE-2016-6855
Description
Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allow remote attackers to cause a denial of service (out-of-bounds write and crash) via vectors involving passing invalid UTF-8 to GMarkup.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
34cpe:2.3:a:gnome:eye_of_gnome:3.16.5:*:*:*:*:*:*:*+ 21 more
- cpe:2.3:a:gnome:eye_of_gnome:3.16.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:eye_of_gnome:3.17.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:eye_of_gnome:3.17.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:eye_of_gnome:3.17.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:eye_of_gnome:3.17.90:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:eye_of_gnome:3.17.91:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:eye_of_gnome:3.17.92:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:eye_of_gnome:3.18.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:eye_of_gnome:3.18.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:eye_of_gnome:3.18.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:eye_of_gnome:3.19.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:eye_of_gnome:3.19.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:eye_of_gnome:3.19.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:eye_of_gnome:3.19.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:eye_of_gnome:3.19.90:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:eye_of_gnome:3.19.91:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:eye_of_gnome:3.19.92:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:eye_of_gnome:3.20.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:eye_of_gnome:3.20.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:eye_of_gnome:3.20.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:eye_of_gnome:3.20.3:*:*:*:*:*:*:*
- (no CPE)range: 3.16.5, 3.17.x, 3.18.x < 3.18.3, 3.19.x, 3.20.x < 3.20.4
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*+ 2 more
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
- osv-coords5 versionspkg:rpm/opensuse/eog&distro=openSUSE%20Tumbleweedpkg:rpm/suse/eog&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1pkg:rpm/suse/eog&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/eog&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/eog&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1
< 3.20.5-1.1+ 4 more
- (no CPE)range: < 3.20.5-1.1
- (no CPE)range: < 3.10.2-2.3.1
- (no CPE)range: < 3.10.2-2.3.1
- (no CPE)range: < 3.10.2-2.3.1
- (no CPE)range: < 3.10.2-2.3.1
Patches
Vulnerability mechanics
References
10- git.gnome.org/browse/eog/commit/nvdIssue TrackingPatch
- packetstormsecurity.com/files/138486/Gnome-Eye-Of-Gnome-3.10.2-Out-Of-Bounds-Write.htmlnvdExploitThird Party AdvisoryVDB Entry
- lists.opensuse.org/opensuse-updates/2016-09/msg00021.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/92616nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-3069-1nvdThird Party Advisory
- bugzilla.gnome.org/show_bug.cginvdIssue Tracking
- lists.debian.org/debian-lts-announce/2020/04/msg00018.htmlnvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JVINHHR6VJKXTYYMAYKN5GROKHVT4UKB/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T6GFDHLNPUG7JHWM3QLXQNRA7NZGU2KI/nvd
- www.exploit-db.com/exploits/40291/nvd
News mentions
0No linked articles in our index yet.