0day.today - Biggest Exploit Database in the World.
Things you should know about 0day.today:
Administration of this site uses the official contacts. Beware of impostors!
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Telegram Desktop 1.3.14 denial of service Vulnerability
Telegram Desktop (aka tdesktop) 1.3.14 might allow attackers to cause a denial of service (assertion failure and application exit) via an "Edit color palette" search that triggers an "index out of range" condition. NOTE: this issue is disputed by multiple third parties because the described attack scenario does not cross a privilege boundary. Steps to reproduce: 1. Open Telegram 2. Launch theme editor 3. Save the file in some location 4. The tdesktop then open "Edit color palette" 5. Type "Hello World" in search <press enter> 6. The tdesktop gets crash Crashes, ASSERT failure in QVector<T>::operator[]: "index out of range", file /usr/local/tdesktop/Qt-5.6.2/include/QtCore/qvector.h, line 431 Aborted (core dumped) Backtrace: $ gdb ./Telegram GNU gdb (Ubuntu 8.1-0ubuntu3) 8.1.0.20180409-git Copyright (C) 2018 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-linux-gnu". Type "show configuration" for configuration details. For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>. Find the GDB manual and other documentation resources online at: <http://www.gnu.org/software/gdb/documentation/>. For help, type "help". Type "apropos word" to search for commands related to "word"... Reading symbols from ./Telegram...(no debugging symbols found)...done. (gdb) r Starting program: /home/input0/Desktop/Telegram/Telegram [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". [New Thread 0x7ffff40e5700 (LWP 8743)] [New Thread 0x7ffff32ca700 (LWP 8744)] [New Thread 0x7ffff2ac9700 (LWP 8746)] [New Thread 0x7ffff19fa700 (LWP 8747)] [New Thread 0x7ffff11f9700 (LWP 8748)] [Thread 0x7ffff19fa700 (LWP 8747) exited] [New Thread 0x7ffff19fa700 (LWP 8749)] [New Thread 0x7fffd4da1700 (LWP 8750)] [New Thread 0x7fffcb25c700 (LWP 8751)] [Thread 0x7fffcb25c700 (LWP 8751) exited] [New Thread 0x7fffcb25c700 (LWP 8752)] [New Thread 0x7fffcb25c700 (LWP 8753)] [Thread 0x7fffcb25c700 (LWP 8752) exited] [New Thread 0x7fffcaa5b700 (LWP 8754)] [New Thread 0x7fffca25a700 (LWP 8755)] [New Thread 0x7fffc9a59700 (LWP 8756)] [Thread 0x7fffc9a59700 (LWP 8756) exited] (Telegram:8739): libappindicator-CRITICAL **: 13:18:28.549: app_indicator_set_icon_full: assertion 'IS_APP_INDICATOR (self)' failed [New Thread 0x7fffc9a59700 (LWP 8757)] [New Thread 0x7fffc9258700 (LWP 8758)] [New Thread 0x7fffc8a57700 (LWP 8759)] [New Thread 0x7fffb3fff700 (LWP 8760)] [New Thread 0x7fffb37fe700 (LWP 8761)] [Thread 0x7fffb3fff700 (LWP 8760) exited] [New Thread 0x7fffb3fff700 (LWP 8762)] [New Thread 0x7fffb2ffd700 (LWP 8763)] [Thread 0x7fffb37fe700 (LWP 8761) exited] [Thread 0x7fffc9258700 (LWP 8758) exited] [Thread 0x7fffc8a57700 (LWP 8759) exited] [New Thread 0x7fffc8a57700 (LWP 8764)] [New Thread 0x7fffc9258700 (LWP 8765)] [New Thread 0x7fffb37fe700 (LWP 8766)] [Thread 0x7fffc9258700 (LWP 8765) exited] [Thread 0x7fffb37fe700 (LWP 8766) exited] [Thread 0x7fffc8a57700 (LWP 8764) exited] [New Thread 0x7fffc8a57700 (LWP 8767)] [Thread 0x7fffb3fff700 (LWP 8762) exited] [Thread 0x7fffc8a57700 (LWP 8767) exited] [New Thread 0x7fffc8a57700 (LWP 8769)] [New Thread 0x7fffb3fff700 (LWP 8770)] Gtk-Message: 13:18:41.228: GtkDialog mapped without a transient parent. This is discouraged. [New Thread 0x7fffb37fe700 (LWP 8772)] [Thread 0x7fffc8a57700 (LWP 8769) exited] [Thread 0x7fffb2ffd700 (LWP 8763) exited] ASSERT failure in QVector<T>::operator[]: "index out of range", file /usr/local/tdesktop/Qt-5.6.2/include/QtCore/qvector.h, line 431 Thread 1 "Telegram" received signal SIGABRT, Aborted. __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51 51 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory. (gdb) bt #0 0x00007ffff5f7ae97 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51 #1 0x00007ffff5f7c801 in __GI_abort () at abort.c:79 #2 0x00000000022944a1 in () #3 0x0000000003c183a0 in () #4 0x0000003000000030 in () #5 0x00007fffffffcdc0 in () #6 0x00007fffffffcd00 in () #7 0x000000000000006c in () #8 0x00007ffff74696f0 in () at /lib/x86_64-linux-gnu/libdbus-1.so.3 #9 0x000000000291c5b1 in () #10 0x0000000003be003d in () #11 0x000000000291b440 in () #12 0x00000000000001af in () #13 0x0000000000000000 in () (gdb) References: https://www.openwall.com/lists/oss-security/2018/09/19/8 # 0day.today [2024-11-15] #