FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

gedit -- format string vulnerability

Affected packages
gedit < 2.10.3

Details

VuXML ID e319da0b-a228-11da-b410-000e0c2e438a
Discovery 2005-05-20
Entry 2006-02-20

Yan Feng reports a format string vulnerability in gedit. This vulnerability could cause a denial of service with a binary file that contains format string characters within the filename. It had been reported that web browsers and email clients can be configured to provide a filename as an argument to gedit.:

References

CVE Name CAN-2005-1686
Message 20050520202628.12260.qmail@www.securityfocus.com