Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Gentoo: GLSA-200809-01 Normal: Yelp Code Execution Risk

gentoo
Calendar Grey September 4, 2008
Dist Gentoo Esm H88
A vulnerability in Yelp due to user input might enable arbitrary code execution via crafted URIs. It is recommended to implement the proposed updates to mitigate security risks
A vulnerability in yelp can lead to the execution of arbitrary code when opening a URI, for example through Firefox.

Summary

Gentoo Linux Security Advisory GLSA 200809-01 https://security.gentoo.org/ Severity: Normal Title: yelp: User-assisted execution of arbitrary code Date: September 04, 2008 Bugs: #234079 ID: 200809-01

Synopsis ======= A vulnerability in yelp can lead to the execution of arbitrary code when opening a URI, for example through Firefox.
Background ========= yelp is the default help browser for GNOME.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 gnome-extra/yelp < 2.22.1-r2 >= 2.22.1-r2 *>= 2.20.0-r1
========== Aaron Grattafiori reported a format string vulnerability in the window_error() function in yelp-wi...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory gentoo software update code execution arbitrary code yelp user-assisted

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory gentoo software update code execution arbitrary code yelp user-assisted

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here