Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Gentoo Linux: GLSA-200707-02 Normal: ELinks Security Vulnerability Detected

gentoo
Calendar Grey June 6, 2007
Dist Gentoo Esm H88
Uncover the critical ELinks flaw that permits user-triggered arbitrary code execution in Gentoo Linux. Prompt action necessary.
A vulnerability has been discovered in ELinks allowing for the user-assisted execution of arbitrary code.

Summary

Gentoo Linux Security Advisory GLSA 200706-03 https://security.gentoo.org/ Severity: Normal Title: ELinks: User-assisted execution of arbitrary code Date: June 06, 2007 Bugs: #177512 ID: 200706-03

Synopsis ======= A vulnerability has been discovered in ELinks allowing for the user-assisted execution of arbitrary code.
Background ========= ELinks is a text-mode web browser.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/elinks < 0.11.2-r1 >= 0.11.2-r1
========== Arnaud Giersch discovered that the "add_filename_to_string()" function in file intl/gettext/loadmsgcat.c uses an untrusted relative path, allowing for a format string attack with a malicious ....

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory code execution arbitrary code exploitation Gentoo Linux user assisted ELinks

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory code execution arbitrary code exploitation Gentoo Linux user assisted ELinks

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here