Описание
Heap-based buffer overflow in the open_man_file function in callbacks.c in gmanedit 0.4.1 allows remote attackers to execute arbitrary code via a crafted man page, which is not properly handled during utf8 conversion. NOTE: another overflow was reported using a configuration file, but that vector does not have a scenario that crosses privilege boundaries.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | 0.4.1-1.1 |
| feisty | ignored | end of life, was needed |
| gutsy | ignored | end of life, was needed |
| hardy | DNE | |
| intrepid | not-affected | 0.4.1-1.1 |
| jaunty | not-affected | 0.4.1-1.1 |
| karmic | not-affected | 0.4.1-1.1 |
| upstream | released | 0.4.1-1.1 |
Показывать по
Ссылки на источники
EPSS
9.3 Critical
CVSS2
Связанные уязвимости
Heap-based buffer overflow in the open_man_file function in callbacks.c in gmanedit 0.4.1 allows remote attackers to execute arbitrary code via a crafted man page, which is not properly handled during utf8 conversion. NOTE: another overflow was reported using a configuration file, but that vector does not have a scenario that crosses privilege boundaries.
Heap-based buffer overflow in the open_man_file function in callbacks. ...
Heap-based buffer overflow in the open_man_file function in callbacks.c in gmanedit 0.4.1 allows remote attackers to execute arbitrary code via a crafted man page, which is not properly handled during utf8 conversion. NOTE: another overflow was reported using a configuration file, but that vector does not have a scenario that crosses privilege boundaries.
EPSS
9.3 Critical
CVSS2