Oval Definition:oval:org.mitre.oval:def:1245
Revision Date:2007-02-20Version:4
Title:gedit Format String Vulnerability
Description:Format string vulnerability in gedit 2.10.2 may allow attackers to cause a denial of service (application crash) via a bin file with format string specifiers in the filename. NOTE: while this issue is triggered on the command line by the gedit user, it has been reported that web browsers and email clients could be configured to provide a file name as an argument to gedit, so there is a valid attack that crosses security boundaries.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2005-1686
Platform(s):Red Hat Enterprise Linux 3
Product(s):gedit
Definition Synopsis
  • Software section
  • Red Hat Enterprise 3 is installed
  • AND gedit RPM earlier than 1:2.2.2-4rhel3
  • AND Configuration section
  • /usr/bin/gedit is executable
  • BACK