GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Sat Jun 11, 2005 6:34 pm Post subject: [ GLSA 200506-09 ] gedit: Format string vulnerability |
 |
|
Gentoo Linux Security Advisory
Title: gedit: Format string vulnerability (GLSA 200506-09)
Severity: normal
Exploitable: remote
Date: June 11, 2005
Updated: May 22, 2006
Bug(s): #93352
ID: 200506-09
Synopsis
gedit suffers from a format string vulnerability that could allow arbitrary
code execution.
Background
gedit is the official text editor of the GNOME desktop environement.
Affected Packages
Package: app-editors/gedit
Vulnerable: < 2.10.3
Unaffected: >= 2.10.3
Architectures: All supported architectures
Description
A format string vulnerability exists when opening files with names
containing format specifiers.
Impact
A specially crafted file with format specifiers in the filename can
cause arbitrary code execution.
Workaround
There are no known workarounds at this time.
Resolution
All gedit users should upgrade to the latest version:
| Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=app-editors/gedit-2.10.3" |
References
BugTraq ID 13699
gedit 10.3 Release Notes
CVE-2005-1686
Last edited by GLSA on Wed Aug 13, 2014 4:19 am; edited 4 times in total |
|
News & Announcements
