Описание
Stack-based buffer overflow in the Panel (xfce4-panel) component in Xfce before 4.4.2 might allow remote attackers to execute arbitrary code via Launcher tooltips. NOTE: a second buffer overflow (over-read) in the xfce_mkdirhier function was also reported, but it might not be exploitable for a crash or code execution, so it is not a vulnerability.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 4.3.90.1svn+r21633-0ubuntu2.1 |
| devel | released | 4.4.2 |
| edgy | ignored | end of life, was needed |
| feisty | released | 4.4.0-0ubuntu1.1 |
| gutsy | released | 4.4.1-1ubuntu3.1 |
| hardy | released | 4.4.2 |
| upstream | released | 4.4.2 |
Показывать по
Ссылки на источники
EPSS
5 Medium
CVSS2
Связанные уязвимости
Stack-based buffer overflow in the Panel (xfce4-panel) component in Xfce before 4.4.2 might allow remote attackers to execute arbitrary code via Launcher tooltips. NOTE: a second buffer overflow (over-read) in the xfce_mkdirhier function was also reported, but it might not be exploitable for a crash or code execution, so it is not a vulnerability.
Stack-based buffer overflow in the Panel (xfce4-panel) component in Xf ...
Stack-based buffer overflow in the Panel (xfce4-panel) component in Xfce before 4.4.2 might allow remote attackers to execute arbitrary code via Launcher tooltips. NOTE: a second buffer overflow (over-read) in the xfce_mkdirhier function was also reported, but it might not be exploitable for a crash or code execution, so it is not a vulnerability.
Уязвимости операционной системы Gentoo Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
5 Medium
CVSS2