Spider has been reported prone to a buffer overflow condition when handling OPENWINHOME or XVIEWHOME environment variables of excessive length. The issue arises because insufficient boundary checks are performed on the data in the OPENWINHOME or XVIEWHOME environment variables before it is copied, as part of an interpolated string, into a reserved 256-byte buffer in stack-based memory. It has been reported that a local attacker may exploit this condition to execute arbitrary instructions with GID Games privileges.
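The missing boundary check, sketched as an added example; this is not Spider's source code. The function names, the path suffix `/lib/help/spider` and the order in which the two variables are tried are assumptions made for illustration; only the 256-byte buffer size and the variable names come from the advisory.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define PATH_BUF 256 /* size of the stack buffer named in the advisory */

/* Unsafe pattern of the kind the advisory describes (comment only):
 *     char buf[PATH_BUF];
 *     sprintf(buf, "%s/lib/help/spider", getenv("OPENWINHOME"));
 * The suffix is a constructed placeholder, not Spider's real path. */

/* Bounded interpolation (hypothetical helper). Returns 0 on success, -1 if
 * home is NULL/empty or the result would not fit; out is then set to "". */
int build_path(const char *home, char *out, size_t outlen)
{
    int n;

    if (out == NULL || outlen == 0)
        return -1;
    out[0] = '\0';
    if (home == NULL || home[0] == '\0')
        return -1;
    n = snprintf(out, outlen, "%s/lib/help/spider", home);
    if (n < 0 || (size_t)n >= outlen) { /* would truncate: reject it */
        out[0] = '\0';
        return -1;
    }
    return 0;
}

/* Both variables are under the local user's control; the order is assumed. */
int resolve_from_env(char *out, size_t outlen)
{
    if (build_path(getenv("OPENWINHOME"), out, outlen) == 0)
        return 0;
    return build_path(getenv("XVIEWHOME"), out, outlen);
}

int main(void)
{
    char buf[PATH_BUF];

    if (resolve_from_env(buf, sizeof buf) != 0) {
        fprintf(stderr, "OPENWINHOME/XVIEWHOME unset or too long\n");
        return 1;
    }
    printf("%s\n", buf);
    return 0;
}
```

Rejecting an over-long value outright, rather than using the truncated string, avoids silently resolving to a different path than the one the environment named.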