CVE-2008-3533

NONECVSS 0.0

0.0

Format string vulnerability in the window_error function in yelp-window.c in yelp in Gnome after 2.19.90 and before 2.24 allows remote attackers to execute arbitrary code via format string specifiers in an invalid URI on the command line, as demonstrated by use of yelp within (1) man or (2) ghelp URI handlers in Firefox, Evolution, and unspecified other programs.

🔗 References (28)

security@ubuntuhttp://bugzilla.gnome.org/attachment.cgi?id=115890
security@ubuntuhttp://bugzilla.gnome.org/show_bug.cgi?id=546364
security@ubuntuhttp://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html
security@ubuntuhttp://secunia.com/advisories/31465
security@ubuntuhttp://secunia.com/advisories/31620
security@ubuntuhttp://secunia.com/advisories/31834
security@ubuntuhttp://secunia.com/advisories/32629
security@ubuntuhttp://www.mandriva.com/security/advisories?name=MDVSA-2008:175
security@ubuntuhttp://www.securityfocus.com/bid/30690
security@ubuntuhttp://www.ubuntu.com/usn/usn-638-1
security@ubuntuhttp://www.vupen.com/english/advisories/2008/2393
security@ubuntuhttps://bugs.launchpad.net/ubuntu/+source/yelp/+bug/254860
security@ubuntuhttps://exchange.xforce.ibmcloud.com/vulnerabilities/44449
security@ubuntuhttps://www.redhat.com/archives/fedora-package-announce/2008-September/msg00222.html
af854a3a-2127-422b-91ae-364da2661108http://bugzilla.gnome.org/attachment.cgi?id=115890

Is Your Infrastructure Affected by CVE-2008-3533?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2008-3533

📅 Published

🔄 Last Modified

🔗 References (28)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2008-3533?