|
|
CVE Reference: CVE-2008-3533 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-3533 |
|
|
Description: Format string vulnerability in the window_error function in yelp-window.c in yelp in Gnome after 2.19.90 and before 2.24 allows remote attackers to execute arbitrary code via format string specifiers in an invalid URI on the command line, as demonstrated by use of yelp within (1) man or (2) ghelp URI handlers in Firefox, Evolution, and unspecified other programs. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/44449 UBUNTU http://www.ubuntu.com/usn/usn-638-1 SUSE http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html SAID Secunia Advisory: SA31620 Secunia Advisory: SA31465 Secunia Advisory: SA31834 Secunia Advisory: SA32629 MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:175 FEDORA CONFIRM http://bugzilla.gnome.org/show_bug.cgi?id=546364 http://bugzilla.gnome.org/attachment.cgi?id=115890 BID 30690 |
|
| Return to the previous page. |
