CVE-2017-14108

MEDIUM

GNOME gedit < 3.22.1 - Denial of Service via File with Leading Null Bytes

Title source: llm
STIX 2.1

Description

libgedit.a in GNOME gedit through 3.22.1 allows remote attackers to cause a denial of service (CPU consumption) via a file that begins with many '\0' characters.

References (3)

Core 3
Core References
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
https://packetstormsecurity.com/files/143983/libgedit.a-3.22.1-Denial-Of-Service.html
Issue Tracking x_refsource_misc
https://bugzilla.gnome.org/show_bug.cgi?id=791037
Third Party Advisory x_refsource_misc
https://cxsecurity.com/issue/WLB-2017090008

Scores

CVSS v3 5.5
EPSS 0.0067
EPSS Percentile 71.7%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Details

CWE
CWE-400
Status published
Products (1)
gnome/gedit < 3.22.1
Published Sep 05, 2017
Tracked Since Feb 18, 2026