{"id":36184,"date":"2025-05-08T05:41:12","date_gmt":"2025-05-08T05:41:12","guid":{"rendered":""},"modified":"2025-09-12T05:18:23","modified_gmt":"2025-09-12T11:18:23","slug":"cve-2023-36864-integer-overflow-vulnerability-in-gtkwave-3-3-115-with-potential-for-arbitrary-code-execution","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2023-36864-integer-overflow-vulnerability-in-gtkwave-3-3-115-with-potential-for-arbitrary-code-execution\/","title":{"rendered":"<strong>CVE-2023-36864: Integer Overflow Vulnerability in GTKWave 3.3.115 with Potential for Arbitrary Code Execution<\/strong>"},"content":{"rendered":"<p><strong>Overview<\/strong><\/p>\n<p>In the ever-evolving landscape of cybersecurity, a new vulnerability has been detected within the GTKWave 3.3.115 version. This vulnerability, officially recognized as CVE-2023-36864, presents a significant risk due to its potential for allowing arbitrary code execution and subsequent system compromise or data leakage. The <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-34436-critical-out-of-bounds-write-vulnerability-in-gtkwave-3-3-115\/\"  data-wpil-monitor-id=\"41040\">vulnerability affects users utilizing the GTKWave<\/a> software, a fully featured GTK+ based wave viewer primarily intended for the viewing of VCD files (Value Change Dump) generated by various digital simulation tools. This issue is of particular concern due to the broad user base of the software, ranging from individual users to large organizations, and the consequential potential for unauthorized access, system compromise, and <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-50612-escalation-of-privileges-and-data-leakage-in-fit2cloud-cloud-explorer-lite\/\"  data-wpil-monitor-id=\"41268\">data leakage<\/a>.<\/p>\n<p><strong>Vulnerability Summary<\/strong><\/p>\n<p>CVE ID: CVE-2023-36864<br \/>\nSeverity: High &#8211; 7.8 (CVSS Severity Score)<br \/>\nAttack Vector: File-based<br \/>\nPrivileges Required: None<br \/>\nUser Interaction: Required<br \/>\nImpact: <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-46616-arbitrary-remote-code-execution-vulnerability-in-quantum-stornext-web-gui-api\/\"  data-wpil-monitor-id=\"40875\">Arbitrary code execution<\/a>, potential system compromise, and data leakage<\/p>\n<p><strong>Affected Products<\/strong><\/p><div id=\"ameeb-2187111788\" class=\"ameeb-content-2 ameeb-entity-placement\"><div style=\"border-left: 4px solid #555; padding-left: 20px; margin: 48px 0; font-family: Roboto, sans-serif; color: #ffffff; line-height: 1.6; max-width: 720px;\">\r\n  <h2 style=\"margin-top: 0; font-size: 22px; font-weight: 600; display: flex; align-items: center; letter-spacing: -0.02em;\">\r\n    <a href=\"https:\/\/www.ameeba.com\/chat\" style=\"display: inline-flex; align-items: center; margin-right: 10px;\">\r\n      <img decoding=\"async\" src=\"https:\/\/www.ameeba.com\/blog\/wp-content\/uploads\/2025\/10\/Best-App-icon-Ameeba.png\" alt=\"Ameeba Chat Icon\" style=\"width: 42px; height: 42px;\" \/>\r\n    <\/a>\r\n    Share secrets securely\r\n  <\/h2>\r\n\r\n  <p style=\"margin-bottom: 14px; color: #d1d5db;\">\r\n    Ameeba is private infrastructure for communication and sensitive work built on encrypted identity instead of exposed corporate identity systems.\r\n  <\/p>\r\n\r\n  <p style=\"margin-bottom: 18px; color: #a1a1aa;\">\r\n    Passwords, credentials, confidential files, screenshots, internal discussions, sensitive AI context, and private coordination should not become exposed across ordinary communication platforms.\r\n  <\/p>\r\n\r\n  <ul style=\"list-style: none; padding-left: 0; margin-bottom: 24px; color: #e4e4e7;\">\r\n    <li style=\"margin-bottom: 8px;\">\u2022 Encrypted identity<\/li>\r\n    <li style=\"margin-bottom: 8px;\">\u2022 Private Spaces for organizations and teams<\/li>\r\n    <li style=\"margin-bottom: 8px;\">\u2022 End-to-end encrypted chat, calls, files, and notes<\/li>\r\n    <li style=\"margin-bottom: 8px;\">\u2022 Sensitive AI work and protected collaboration<\/li>\r\n    <li>\u2022 Built for information that cannot leak<\/li>\r\n  <\/ul>\r\n\r\n  <p style=\"font-style: italic; font-weight: 600; margin-bottom: 24px; color: #ffffff;\">\r\n    Our mission is to secure human work alongside AI.\r\n  <\/p>\r\n\r\n  <div style=\"display: flex; flex-wrap: wrap; gap: 12px;\">\r\n    <a href=\"https:\/\/www.ameeba.com\/chat\/download\" style=\"background-color: #ffffff; color: #000000; padding: 10px 20px; text-decoration: none; border-radius: 8px; font-weight: 500;\">\r\n      Download Ameeba\r\n    <\/a>\r\n\r\n    <a href=\"https:\/\/www.ameeba.com\/chat\" style=\"border: 1px solid #ffffff; color: #ffffff; padding: 10px 20px; text-decoration: none; border-radius: 8px; font-weight: 500;\">\r\n      Learn More\r\n    <\/a>\r\n  <\/div>\r\n<\/div><\/div>\n<p>Product | Affected Versions<\/p>\n<p>GTKWave | 3.3.115<\/p>\n<p><strong>How the Exploit Works<\/strong><\/p>\n<p>The <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-35057-critical-integer-overflow-vulnerability-in-gtkwave-3-3-115\/\"  data-wpil-monitor-id=\"41066\">vulnerability lies within the &#8216;fstReaderIterBlocks2 temp_signal_value_buf&#8217; allocation functionality of GTKWave<\/a> 3.3.115. An <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-35004-critical-integer-overflow-vulnerability-in-gtkwave-3-3-115\/\"  data-wpil-monitor-id=\"41051\">integer overflow<\/a> can occur when processing a specially crafted .fst file, leading to an out-of-bounds write and eventually arbitrary code execution. The exploitation of this vulnerability requires user interaction, meaning a victim would need to open the malicious .fst <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-39470-path-traversal-vulnerability-in-thimpress-ivy-school-leading-to-php-local-file-inclusion\/\"  data-wpil-monitor-id=\"40899\">file for the vulnerability<\/a> to trigger.<\/p>\n<p><strong>Conceptual Example Code<\/strong><\/p><div id=\"ameeb-81071781\" class=\"ameeb-content ameeb-entity-placement\"><div class=\"poptin-embedded\" data-id=\"f6b387694f681\"><\/div>\r\n\r\n\r\n\r\n\r\n\r\n<\/div>\n<p>Here&#8217;s a conceptual representation of how this <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-47154-exploitation-of-use-after-free-vulnerability-in-libjs-in-ladybird\/\"  data-wpil-monitor-id=\"81951\">vulnerability might be exploited<\/a>. Please note that this is a simplified pseudocode example and actual exploitation would require more complex code.<\/p>\n<pre><code class=\"\" data-line=\"\"># Pseudocode for exploit\nmalicious_fst_file = create_malicious_fst_file() # Function that creates a malicious .fst file\ndef exploit(target):\nsend_file(target, malicious_fst_file) # Function that sends the malicious file to the target\nexploit(target)<\/code><\/pre>\n<p>In this example, a malicious .fst <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-52732-php-remote-file-inclusion-vulnerability-in-google-map-targeting-plugin\/\"  data-wpil-monitor-id=\"81950\">file is created and sent to the target<\/a>. If the target opens the file using GTKWave, the integer overflow vulnerability is triggered, <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-34322-inadequate-precaution-in-xen-s-shadow-paging-leads-to-potential-system-compromise\/\"  data-wpil-monitor-id=\"40967\">leading to a potential<\/a> arbitrary code execution.<br \/>\nIt&#8217;s crucial to note that users and organizations should apply the vendor-released patch immediately or use WAF\/IDS as temporary mitigation to this vulnerability.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Overview In the ever-evolving landscape of cybersecurity, a new vulnerability has been detected within the GTKWave 3.3.115 version. This vulnerability, officially recognized as CVE-2023-36864, presents a significant risk due to its potential for allowing arbitrary code execution and subsequent system compromise or data leakage. The vulnerability affects users utilizing the GTKWave software, a fully featured [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"footnotes":""},"categories":[1],"tags":[],"vendor":[],"product":[],"attack_vector":[86,80],"asset_type":[],"severity":[],"exploit_status":[],"class_list":["post-36184","post","type-post","status-publish","format-standard","hentry","category-uncategorized","attack_vector-buffer-overflow","attack_vector-rce"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/36184","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/comments?post=36184"}],"version-history":[{"count":8,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/36184\/revisions"}],"predecessor-version":[{"id":74413,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/36184\/revisions\/74413"}],"wp:attachment":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/media?parent=36184"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/categories?post=36184"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/tags?post=36184"},{"taxonomy":"vendor","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/vendor?post=36184"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/product?post=36184"},{"taxonomy":"attack_vector","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/attack_vector?post=36184"},{"taxonomy":"asset_type","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/asset_type?post=36184"},{"taxonomy":"severity","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/severity?post=36184"},{"taxonomy":"exploit_status","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/exploit_status?post=36184"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}