Vulnerability Details : CVE-2008-3533
Format string vulnerability in the window_error function in yelp-window.c in yelp in Gnome after 2.19.90 and before 2.24 allows remote attackers to execute arbitrary code via format string specifiers in an invalid URI on the command line, as demonstrated by use of yelp within (1) man or (2) ghelp URI handlers in Firefox, Evolution, and unspecified other programs.
Vulnerability category: OverflowExecute code
Exploit prediction scoring system (EPSS) score for CVE-2008-3533
Probability of exploitation activity in the next 30 days: 7.83%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 93 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2008-3533
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2008-3533
-
The product uses a function that accepts a format string as an argument, but the format string originates from an external source.Assigned by: nvd@nist.gov (Primary)
Vendor statements for CVE-2008-3533
-
Red Hat 2008-08-19This issue does not affect the versions of the yelp package, as shipped with Red Hat Enterprise Linux 3, 4 and 5.
-
http://www.ubuntu.com/usn/usn-638-1
-
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html
[security-announce] SUSE Security Summary Report: SUSE-SR:2008:024 - openSUSE Security Announce - openSUSE Mailing Lists
-
http://bugzilla.gnome.org/attachment.cgi?id=115890
Exploit
-
http://www.vupen.com/english/advisories/2008/2393
-
http://www.securityfocus.com/bid/30690
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/44449
-
http://www.mandriva.com/security/advisories?name=MDVSA-2008:175
-
https://bugs.launchpad.net/ubuntu/+source/yelp/+bug/254860
Exploit;Patch
-
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00222.html
-
http://bugzilla.gnome.org/show_bug.cgi?id=546364
Exploit;Patch
- cpe:2.3:a:gnome:yelp:*:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome:2.20:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome:2.22:*:*:*:*:*:*:*