Remote Code Execution Vulnerability in GNOME Virtual File System
CVE-2004-0494

Currently unrated

Key Information:

Vendor: Avaya
Status: Cvlan
Vendor: CVE Published:; 23 November 2004

Summary

Multiple extfs backend scripts for GNOME virtual file system (VFS) prior to version 1.0.1 are susceptible to remote code execution. By crafting a specially designed gnome-vfs URI, an attacker may exploit this flaw to execute unauthorized commands, potentially compromising the security of the affected system.

References

https://bugzilla.fedora.us/show_bug.cgi?id=1944

vendor-advisoryx_refsource_FEDORA

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://www.redhat.com/support/errata/RHSA-2004-373.html

vendor-advisoryx_refsource_REDHAT

Timeline

Vulnerability published
Nov 23, 2004
Vulnerability Reserved
May 27, 2004