{"id":36184,"date":"2025-05-08T05:41:12","date_gmt":"2025-05-08T05:41:12","guid":{"rendered":""},"modified":"2025-09-12T05:18:23","modified_gmt":"2025-09-12T11:18:23","slug":"cve-2023-36864-integer-overflow-vulnerability-in-gtkwave-3-3-115-with-potential-for-arbitrary-code-execution","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2023-36864-integer-overflow-vulnerability-in-gtkwave-3-3-115-with-potential-for-arbitrary-code-execution\/","title":{"rendered":"<strong>CVE-2023-36864: Integer Overflow Vulnerability in GTKWave 3.3.115 with Potential for Arbitrary Code Execution<\/strong>"},"content":{"rendered":"<p><strong>Overview<\/strong><\/p>\n<p>In the ever-evolving landscape of cybersecurity, a new vulnerability has been detected within the GTKWave 3.3.115 version. This vulnerability, officially recognized as CVE-2023-36864, presents a significant risk due to its potential for allowing arbitrary code execution and subsequent system compromise or data leakage. The <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-34436-critical-out-of-bounds-write-vulnerability-in-gtkwave-3-3-115\/\"  data-wpil-monitor-id=\"41040\">vulnerability affects users utilizing the GTKWave<\/a> software, a fully featured GTK+ based wave viewer primarily intended for the viewing of VCD files (Value Change Dump) generated by various digital simulation tools. 
This issue is of particular concern due to the broad user base of the software, ranging from individual users to large organizations, and the consequential potential for unauthorized access, system compromise, and <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-50612-escalation-of-privileges-and-data-leakage-in-fit2cloud-cloud-explorer-lite\/\"  data-wpil-monitor-id=\"41268\">data leakage<\/a>.<\/p>\n<p><strong>Vulnerability Summary<\/strong><\/p>\n<p>CVE ID: CVE-2023-36864<br \/>\nSeverity: High &#8211; 7.8 (CVSS Severity Score)<br \/>\nAttack Vector: File-based<br \/>\nPrivileges Required: None<br \/>\nUser Interaction: Required<br \/>\nImpact: <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-46616-arbitrary-remote-code-execution-vulnerability-in-quantum-stornext-web-gui-api\/\"  data-wpil-monitor-id=\"40875\">Arbitrary code execution<\/a>, potential system compromise, and data leakage<\/p>\n<p><strong>Affected Products<\/strong><\/p>\n<p>Product | Affected Versions<\/p>\n<p>GTKWave | 3.3.115<\/p>\n<p><strong>How the Exploit Works<\/strong><\/p>\n<p>The <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-35057-critical-integer-overflow-vulnerability-in-gtkwave-3-3-115\/\"  data-wpil-monitor-id=\"41066\">vulnerability lies within the &#8216;fstReaderIterBlocks2 temp_signal_value_buf&#8217; allocation functionality of GTKWave<\/a> 3.3.115. An <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-35004-critical-integer-overflow-vulnerability-in-gtkwave-3-3-115\/\"  data-wpil-monitor-id=\"41051\">integer overflow<\/a> can occur when processing a specially crafted .fst file, leading to an out-of-bounds write and eventually arbitrary code execution.
The exploitation of this vulnerability requires user interaction, meaning a victim would need to open the malicious .fst <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-39470-path-traversal-vulnerability-in-thimpress-ivy-school-leading-to-php-local-file-inclusion\/\"  data-wpil-monitor-id=\"40899\">file for the vulnerability<\/a> to trigger.<\/p>\n<p><strong>Conceptual Example Code<\/strong><\/p>\n<p>Here&#8217;s a conceptual representation of how this <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-47154-exploitation-of-use-after-free-vulnerability-in-libjs-in-ladybird\/\"  data-wpil-monitor-id=\"81951\">vulnerability might be exploited<\/a>. Please note that this is a simplified pseudocode example and actual exploitation would require more complex code.<\/p>\n<pre><code class=\"\" data-line=\"\"># Pseudocode for exploit\nmalicious_fst_file = create_malicious_fst_file() # Function that creates a malicious .fst file\ndef exploit(target):\n    send_file(target, malicious_fst_file) # Function that sends the malicious file to the target\nexploit(target)<\/code><\/pre>\n<p>In this example, a malicious .fst <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-52732-php-remote-file-inclusion-vulnerability-in-google-map-targeting-plugin\/\"  data-wpil-monitor-id=\"81950\">file is created and sent to the target<\/a>.
If the target opens the file using GTKWave, the integer overflow vulnerability is triggered, <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-34322-inadequate-precaution-in-xen-s-shadow-paging-leads-to-potential-system-compromise\/\"  data-wpil-monitor-id=\"40967\">leading to a potential<\/a> arbitrary code execution.<br \/>\nIt&#8217;s crucial to note that users and organizations should apply the vendor-released patch immediately or use WAF\/IDS as temporary mitigation to this vulnerability.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Overview In the ever-evolving landscape of cybersecurity, a new vulnerability has been detected within the GTKWave 3.3.115 version. This vulnerability, officially recognized as CVE-2023-36864, presents a significant risk due to its potential for allowing arbitrary code execution and subsequent system compromise or data leakage. The vulnerability affects users utilizing the GTKWave software, a fully featured [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"footnotes":""},"categories":[1],"tags":[],"vendor":[],"product":[],"attack_vector":[86,80],"asset_type":[],"severity":[],"exploit_status":[],"class_list":["post-36184","post","type-post","status-publish","format-standard","hentry","category-uncategorized","attack_vector-buffer-overflow","attack_vector-rce"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/36184","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/comments?post=36184"}],"version
-history":[{"count":8,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/36184\/revisions"}],"predecessor-version":[{"id":74413,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/36184\/revisions\/74413"}],"wp:attachment":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/media?parent=36184"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/categories?post=36184"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/tags?post=36184"},{"taxonomy":"vendor","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/vendor?post=36184"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/product?post=36184"},{"taxonomy":"attack_vector","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/attack_vector?post=36184"},{"taxonomy":"asset_type","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/asset_type?post=36184"},{"taxonomy":"severity","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/severity?post=36184"},{"taxonomy":"exploit_status","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/exploit_status?post=36184"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}