User: Password:
|
|
Subscribe / Log in / New account

gedit: format string vulnerability

Package(s):gedit CVE #(s):CAN-2005-1686
Created:June 9, 2005 Updated:February 5, 2009
Description: A format string vulnerability has been discovered in gedit. Calling the program with specially crafted file names caused a buffer overflow, which could be exploited to execute arbitrary code with the privileges of the gedit user.
Alerts:
Fedora FEDORA-2009-1189 gedit 2009-01-29
Fedora FEDORA-2009-1187 gedit 2009-01-29
Debian DSA-753-1 gedit 2005-07-12
Mandriva MDKSA-2005:102 gedit 2005-06-15
Red Hat RHSA-2005:499-01 gedit 2005-06-13
Gentoo 200506-09 gedit 2005-06-11
Ubuntu USN-138-1 gedit 2005-06-09

(Log in to post comments)

gedit: format string vulnerability

Posted Feb 5, 2009 14:33 UTC (Thu) by welinder (guest, #4699) [Link]

Those Fedora updates appear to be unrelated to any format vulnerabilities.

The new problem is not even really a gedit problem, even though it is
reported against gedit and a dozen other applications. Python is at
fault and should be fixed.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds