Format string vulnerability in the window_error function in yelp-window.c in yelp in Gnome after 2.19.90 and before 2.24 allows remote attackers to execute arbitrary code via format string specifiers in an invalid URI on the command line, as demonstrated by use of yelp within (1) man or (2) ghelp URI handlers in Firefox, Evolution, and unspecified other programs.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: canonical
Published: 2008-08-18T17:15:00
Updated: 2024-08-07T09:45:18.106Z
Reserved: 2008-08-07T00:00:00
Link: CVE-2008-3533
Vulnrichment
No data.
NVD
Status : Modified
Published: 2008-08-18T17:41:00.000
Modified: 2024-11-21T00:49:28.783
Link: CVE-2008-3533
Redhat