R Project Buffer Overflow Vulnerability in GUI Preferences Dialog Allowing Code Execution

Vulnerability

A local buffer overflow vulnerability has been identified in R i386 version 3.5.0, specifically within the GUI Preferences dialog. This vulnerability allows local attackers to overwrite the structured exception handler (SEH) records by injecting malicious input into the 'Language for menus and messages' field. Exploitation of this vulnerability could lead to arbitrary code execution, such as launching the calculator application or executing custom shellcode.

Impact

Exploitation of this vulnerability triggers a local buffer overflow that overwrites the structured exception handler (SEH) records. This can be used to execute arbitrary code with the privileges of the user running the R application.

Reproduction

To reproduce this vulnerability, open the R application and navigate to the 'Edit' menu, then select 'GUI Preferences'. In the Preferences dialog, paste a crafted payload into the 'Language for menus and messages' field. After clicking 'OK', the injected payload will execute, such as launching the calculator application or executing other specified shellcode.

Added: Apr 5, 2026, 9:22 PM
Updated: Apr 5, 2026, 9:22 PM

Vulnerability Rating

Custom Algorithm

spread: 6.6
impact: 7.5
exploitability: 3.6
remediation: 0.0
relevance: 5.3
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.