Format String Vulnerability in gedit by GNOME
CVE-2005-1686

Currently unrated

Key Information:

Vendor: Gnome
Status: Gedit
Vendor: CVE Published:; 20 May 2005

Summary

A format string vulnerability in gedit version 2.10.2 allows attackers to exploit file names containing format string specifiers, potentially causing the application to crash. This issue can be triggered directly via the command line by a user of gedit. However, there are also scenarios where web browsers or email clients may provide a file name argument to gedit, allowing attackers to circumvent security boundaries and execute a denial of service attack.

References

http://www.redhat.com/support/errata/RHSA-2005-499.html

vendor-advisoryx_refsource_REDHAT

http://www.debian.org/security/2005/dsa-753

vendor-advisoryx_refsource_DEBIAN

https://usn.ubuntu.com/138-1/

vendor-advisoryx_refsource_UBUNTU

Timeline

Vulnerability published
May 20, 2005
Vulnerability Reserved
May 20, 2005