CVE-2008-3533 - OpenCVE

Format string vulnerability in the window_error function in yelp-window.c in yelp in Gnome after 2.19.90 and before 2.24 allows remote attackers to execute arbitrary code via format string specifiers in an invalid URI on the command line, as demonstrated by use of yelp within (1) man or (2) ghelp URI handlers in Firefox, Evolution, and unspecified other programs.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Gnome	Gnome Yelp

Configuration 1 [-]

cpe:2.3:a:gnome:yelp:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:a:gnome:gnome:2.20:::::::*
	cpe:2.3:a:gnome:gnome:2.22:::::::*

No data.

References

Link	Providers
http://bugzilla.gnome.org/attachment.cgi?id=115890
http://bugzilla.gnome.org/show_bug.cgi?id=546364
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html
http://secunia.com/advisories/31465
http://secunia.com/advisories/31620
http://secunia.com/advisories/31834
http://secunia.com/advisories/32629
http://www.mandriva.com/security/advisories?name=MDVSA-2008:175
http://www.securityfocus.com/bid/30690
http://www.ubuntu.com/usn/usn-638-1
http://www.vupen.com/english/advisories/2008/2393
https://bugs.launchpad.net/ubuntu/+source/yelp/+bug/254860
https://exchange.xforce.ibmcloud.com/vulnerabilities/44449
https://nvd.nist.gov/vuln/detail/CVE-2008-3533
https://www.cve.org/CVERecord?id=CVE-2008-3533
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00222.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: canonical

Published: 2008-08-18T17:15:00

Updated: 2024-08-07T09:45:18.106Z

Reserved: 2008-08-07T00:00:00

Link: CVE-2008-3533

Vulnrichment

No data.

NVD

Status : Modified

Published: 2008-08-18T17:41:00.000

Modified: 2017-08-08T01:31:57.607

Link: CVE-2008-3533

Redhat

Severity : Important

Publid Date: 2008-08-11T00:00:00Z

Links: CVE-2008-3533 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-08-13T00:00:00", "descriptions": [{"lang": "en", "value": "Format string vulnerability in the window_error function in yelp-window.c in yelp in Gnome after 2.19.90 and before 2.24 allows remote attackers to execute arbitrary code via format string specifiers in an invalid URI on the command line, as demonstrated by use of yelp within (1) man or (2) ghelp URI handlers in Firefox, Evolution, and unspecified other programs."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-07T12:57:01", "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://bugzilla.gnome.org/attachment.cgi?id=115890"}, {"name": "31465", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31465"}, {"name": "30690", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/30690"}, {"name": "SUSE-SR:2008:024", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html"}, {"name": "31620", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31620"}, {"name": "USN-638-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-638-1"}, {"name": "32629", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32629"}, {"name": "yelp-uri-format-string(44449)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44449"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.launchpad.net/ubuntu/+source/yelp/+bug/254860"}, {"name": "31834", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31834"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugzilla.gnome.org/show_bug.cgi?id=546364"}, {"name": "ADV-2008-2393", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2393"}, {"name": "FEDORA-2008-7293", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00222.html"}, {"name": "MDVSA-2008:175", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:175"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@ubuntu.com", "ID": "CVE-2008-3533", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Format string vulnerability in the window_error function in yelp-window.c in yelp in Gnome after 2.19.90 and before 2.24 allows remote attackers to execute arbitrary code via format string specifiers in an invalid URI on the command line, as demonstrated by use of yelp within (1) man or (2) ghelp URI handlers in Firefox, Evolution, and unspecified other programs."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://bugzilla.gnome.org/attachment.cgi?id=115890", "refsource": "CONFIRM", "url": "http://bugzilla.gnome.org/attachment.cgi?id=115890"}, {"name": "31465", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31465"}, {"name": "30690", "refsource": "BID", "url": "http://www.securityfocus.com/bid/30690"}, {"name": "SUSE-SR:2008:024", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html"}, {"name": "31620", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31620"}, {"name": "USN-638-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-638-1"}, {"name": "32629", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32629"}, {"name": "yelp-uri-format-string(44449)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44449"}, {"name": "https://bugs.launchpad.net/ubuntu/+source/yelp/+bug/254860", "refsource": "CONFIRM", "url": "https://bugs.launchpad.net/ubuntu/+source/yelp/+bug/254860"}, {"name": "31834", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31834"}, {"name": "http://bugzilla.gnome.org/show_bug.cgi?id=546364", "refsource": "CONFIRM", "url": "http://bugzilla.gnome.org/show_bug.cgi?id=546364"}, {"name": "ADV-2008-2393", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2393"}, {"name": "FEDORA-2008-7293", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00222.html"}, {"name": "MDVSA-2008:175", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:175"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T09:45:18.106Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugzilla.gnome.org/attachment.cgi?id=115890"}, {"name": "31465", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31465"}, {"name": "30690", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/30690"}, {"name": "SUSE-SR:2008:024", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html"}, {"name": "31620", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31620"}, {"name": "USN-638-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/usn-638-1"}, {"name": "32629", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32629"}, {"name": "yelp-uri-format-string(44449)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44449"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugs.launchpad.net/ubuntu/+source/yelp/+bug/254860"}, {"name": "31834", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31834"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugzilla.gnome.org/show_bug.cgi?id=546364"}, {"name": "ADV-2008-2393", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2393"}, {"name": "FEDORA-2008-7293", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00222.html"}, {"name": "MDVSA-2008:175", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:175"}]}]}, "cveMetadata": {"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "assignerShortName": "canonical", "cveId": "CVE-2008-3533", "datePublished": "2008-08-18T17:15:00", "dateReserved": "2008-08-07T00:00:00", "dateUpdated": "2024-08-07T09:45:18.106Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnome:yelp:*:*:*:*:*:*:*:*", "matchCriteriaId": "F0711AF7-6FCD-4311-8D62-E02900BED8B5", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnome:gnome:2.20:*:*:*:*:*:*:*", "matchCriteriaId": "B99DE8F3-3B18-4A57-9E28-849A81884256", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:gnome:2.22:*:*:*:*:*:*:*", "matchCriteriaId": "BCF0421C-DC15-4ED7-8F21-B92974D09E82", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Format string vulnerability in the window_error function in yelp-window.c in yelp in Gnome after 2.19.90 and before 2.24 allows remote attackers to execute arbitrary code via format string specifiers in an invalid URI on the command line, as demonstrated by use of yelp within (1) man or (2) ghelp URI handlers in Firefox, Evolution, and unspecified other programs."}, {"lang": "es", "value": "Vulnerabilidad de cadena de formato en la funci\u00f3n window_error de yelp-window.c en yelp de Gnome despu\u00e9s de 2.19.90 y antes de 2.24 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante especificadores de formato de cadena en un URI no v\u00e1lido en l\u00ednea de comandos, como se demostr\u00f3 utilizando yelp en los controladores URI (1) man o (2) ghelp en Firefox, Evolution y otros programas no especificados."}], "id": "CVE-2008-3533", "lastModified": "2017-08-08T01:31:57.607", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-08-18T17:41:00.000", "references": [{"source": "security@ubuntu.com", "tags": ["Exploit"], "url": "http://bugzilla.gnome.org/attachment.cgi?id=115890"}, {"source": "security@ubuntu.com", "tags": ["Exploit", "Patch"], "url": "http://bugzilla.gnome.org/show_bug.cgi?id=546364"}, {"source": "security@ubuntu.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html"}, {"source": "security@ubuntu.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/31465"}, {"source": "security@ubuntu.com", "url": "http://secunia.com/advisories/31620"}, {"source": "security@ubuntu.com", "url": "http://secunia.com/advisories/31834"}, {"source": "security@ubuntu.com", "url": "http://secunia.com/advisories/32629"}, {"source": "security@ubuntu.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:175"}, {"source": "security@ubuntu.com", "url": "http://www.securityfocus.com/bid/30690"}, {"source": "security@ubuntu.com", "url": "http://www.ubuntu.com/usn/usn-638-1"}, {"source": "security@ubuntu.com", "url": "http://www.vupen.com/english/advisories/2008/2393"}, {"source": "security@ubuntu.com", "tags": ["Exploit", "Patch"], "url": "https://bugs.launchpad.net/ubuntu/+source/yelp/+bug/254860"}, {"source": "security@ubuntu.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44449"}, {"source": "security@ubuntu.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00222.html"}], "sourceIdentifier": "security@ubuntu.com", "vendorComments": [{"comment": "This issue does not affect the versions of the yelp package, as shipped with Red Hat Enterprise Linux 3, 4 and 5.", "lastModified": "2008-08-19T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-134"}], "source": "nvd@nist.gov", "type": "Primary"}]}