CVE-2008-3533

Related Files

Gentoo Linux Security Advisory 200809-1

Posted Sep 4, 2008

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200809-01 - Aaron Grattafiori reported a format string vulnerability in the window_error() function in yelp-window.c. Versions less than 2.22.1-r2 are affected.

tags | advisory

systems | linux, gentoo

advisories | CVE-2008-3533

SHA-256 | 24a10ea5bdf2a4ff9cdea3ea50f1deaa4b92ed3040b6c7cb19d56f8ad21f429c

Download | Favorite | View

Ubuntu Security Notice 638-1

Posted Aug 27, 2008

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 638-1 - Aaron Grattafiori discovered that the Gnome Help Viewer did not handle format strings correctly when displaying certain error messages. If a user were tricked into opening a specially crafted URI, a remote attacker could execute arbitrary code with user privileges.

tags | advisory, remote, arbitrary

systems | linux, ubuntu

advisories | CVE-2008-3533

SHA-256 | 86831794d274f24fc29c9fdd721b2c8ce02dcd0070de1a5bfe5b4903150f4f74

Download | Favorite | View

Mandriva Linux Security Advisory 2008-175

Posted Aug 21, 2008

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A format string vulnerability was discovered in yelp after version 2.19.90 and before 2.24 that could allow remote attackers to execute arbitrary code via format string specifiers in an invalid URI on the command-line or via URI helpers in Firefox, Evolution, or possibly other programs. The updated packages have been patched to correct this issue.

tags | advisory, remote, arbitrary

systems | linux, mandriva

advisories | CVE-2008-3533

SHA-256 | da00a94fca68b754636dddb3e0930226c093a98991b1378ec5407e4db5f349d2

Download | Favorite | View