Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2008-5660
Modified
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-17 Dec, 2008 | 20:30
Updated At-11 Oct, 2018 | 20:56

Format string vulnerability in the vinagre_utils_show_error function (src/vinagre-utils.c) in Vinagre 0.5.x before 0.5.2 and 2.x before 2.24.2 might allow remote attackers to execute arbitrary code via format string specifiers in a crafted URI or VNC server response.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.06.8MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
CPE Matches
The GNOME Project
gnome
>>vinagre>>0.5.0
cpe:2.3:a:gnome:vinagre:0.5.0:*:*:*:*:*:*:*
The GNOME Project
gnome
>>vinagre>>0.5.1
cpe:2.3:a:gnome:vinagre:0.5.1:*:*:*:*:*:*:*
The GNOME Project
gnome
>>vinagre>>2.23.1
cpe:2.3:a:gnome:vinagre:2.23.1:*:*:*:*:*:*:*
The GNOME Project
gnome
>>vinagre>>2.23.2
cpe:2.3:a:gnome:vinagre:2.23.2:*:*:*:*:*:*:*
The GNOME Project
gnome
>>vinagre>>2.23.3
cpe:2.3:a:gnome:vinagre:2.23.3:*:*:*:*:*:*:*
The GNOME Project
gnome
>>vinagre>>2.23.3.1
cpe:2.3:a:gnome:vinagre:2.23.3.1:*:*:*:*:*:*:*
The GNOME Project
gnome
>>vinagre>>2.23.4
cpe:2.3:a:gnome:vinagre:2.23.4:*:*:*:*:*:*:*
The GNOME Project
gnome
>>vinagre>>2.23.90
cpe:2.3:a:gnome:vinagre:2.23.90:*:*:*:*:*:*:*
The GNOME Project
gnome
>>vinagre>>2.23.91
cpe:2.3:a:gnome:vinagre:2.23.91:*:*:*:*:*:*:*
The GNOME Project
gnome
>>vinagre>>2.23.92
cpe:2.3:a:gnome:vinagre:2.23.92:*:*:*:*:*:*:*
The GNOME Project
gnome
>>vinagre>>2.24.0
cpe:2.3:a:gnome:vinagre:2.24.0:*:*:*:*:*:*:*
The GNOME Project
gnome
>>vinagre>>2.24.1
cpe:2.3:a:gnome:vinagre:2.24.1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-134Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://secunia.com/advisories/33041cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/33046cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/33082cve@mitre.org
Vendor Advisory
http://www.coresecurity.com/content/vinagre-format-stringcve@mitre.org
Exploit
http://www.mandriva.com/security/advisories?name=MDVSA-2008:240cve@mitre.org
Vendor Advisory
http://www.securityfocus.com/archive/1/499057/100/0/threadedcve@mitre.org
N/A
http://www.ubuntu.com/usn/usn-689-1cve@mitre.org
Vendor Advisory
http://www.vupen.com/english/advisories/2008/3362cve@mitre.org
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=475070cve@mitre.org
N/A
https://www.exploit-db.com/exploits/7401cve@mitre.org
N/A
https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00473.htmlcve@mitre.org
N/A
https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00485.htmlcve@mitre.org
N/A
Change History
0Changes found
Details not found