Lucene search
UbuntuUSN-638-1HistoryAug 27, 2008 - 12:00 a.m.
Yelp vulnerability
2008-08-2700:00:00
ubuntu.com
29
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.3
Confidence
Low
EPSS
0.078
Percentile
94.3%
Releases
- Ubuntu 8.04
- Ubuntu 7.10
Packages
- yelp -
Details
Aaron Grattafiori discovered that the Gnome Help Viewer did not
handle format strings correctly when displaying certain error messages.
If a user were tricked into opening a specially crafted URI, a remote
attacker could execute arbitrary code with user privileges.
References
Related
openvas
openvas
Fedora Update for yelp FEDORA-2008-7293
2009-02-17 00:00:00
Mandriva Update for yelp MDVSA-2008:175 (yelp)
2009-04-09 00:00:00
Fedora Update for yelp FEDORA-2008-7293
2009-02-17 00:00:00
nessus
nessus
Ubuntu 7.10 / 8.04 LTS : yelp vulnerability (USN-638-1)
2008-08-28 00:00:00
openSUSE Security Update : yelp (yelp-271)
2009-07-21 00:00:00
Fedora 8 : yelp-2.20.0-12.fc8 (2008-7293)
2008-09-10 00:00:00
ubuntucve
ubuntucve
CVE-2008-3533
2008-08-18 00:00:00
securityvulns
securityvulns
[ MDVSA-2008:175 ] yelp
2008-08-21 00:00:00
yelp format string vulnerability
2008-08-21 00:00:00
cve
cve
CVE-2008-3533
2008-08-18 17:41:00
cvelist
cvelist
CVE-2008-3533
2008-08-18 17:15:00
debiancve
debiancve
CVE-2008-3533
2008-08-18 17:41:00
fedora
fedora
[SECURITY] Fedora 8 Update: yelp-2.20.0-12.fc8
2008-09-10 06:50:31
exploitdb
exploitdb
Yelp 2.23.1 - Invalid URI Format String
2008-08-13 00:00:00
gentoo
gentoo
yelp: User-assisted execution of arbitrary code
2008-09-04 00:00:00
prion
prion
Format string
2008-08-18 17:41:00
nvd
nvd
CVE-2008-3533
2008-08-18 17:41:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.3
Confidence
Low
EPSS
0.078
Percentile
94.3%
Related for USN-638-1