Launchpad.net

CVE 2007-6183

Format string vulnerability in the mdiag_initialize function in gtk/src/rbgtkmessagedialog.c in Ruby-GNOME 2 (aka Ruby/Gnome2) 0.16.0, and SVN versions before 20071127, allows context-dependent attackers to execute arbitrary code via format string specifiers in the message parameter.

Related bugs and status

CVE-2007-6183 (Candidate) is related to these bugs:

Bug #174243: Please sync ruby-gnome2 0.16.0-10 (universe) from Debian Sid (main)

Summary				In	Importance	Status
	174243	Please sync ruby-gnome2 0.16.0-10 (universe) from Debian Sid (main)		ruby-gnome2 (Ubuntu)	Wishlist	Fix Released

Bug #175827: [ruby-gnome2] [CVE-2007-6183] improper input sanitizing / format string vulnerability

		In	Importance	Status
175827	[ruby-gnome2] [CVE-2007-6183] improper input sanitizing / format string vulnerability	ruby-gnome2 (Ubuntu)	Undecided	Fix Released
175827	[ruby-gnome2] [CVE-2007-6183] improper input sanitizing / format string vulnerability	ruby-gnome2 (Debian)	Unknown	Fix Released
175827	[ruby-gnome2] [CVE-2007-6183] improper input sanitizing / format string vulnerability	ruby-gnome2 (Gentoo Linux)	Medium	Fix Released
175827	[ruby-gnome2] [CVE-2007-6183] improper input sanitizing / format string vulnerability	ruby-gnome2 (Fedora)	Medium	Fix Released
175827	[ruby-gnome2] [CVE-2007-6183] improper input sanitizing / format string vulnerability	ruby-gnome2 (Ubuntu Dapper)	Undecided	Won't Fix
175827	[ruby-gnome2] [CVE-2007-6183] improper input sanitizing / format string vulnerability	ruby-gnome2 (Ubuntu Edgy)	Undecided	Won't Fix
175827	[ruby-gnome2] [CVE-2007-6183] improper input sanitizing / format string vulnerability	ruby-gnome2 (Ubuntu Feisty)	Undecided	Won't Fix
175827	[ruby-gnome2] [CVE-2007-6183] improper input sanitizing / format string vulnerability	ruby-gnome2 (Ubuntu Hardy)	Undecided	Fix Released
175827	[ruby-gnome2] [CVE-2007-6183] improper input sanitizing / format string vulnerability	ruby-gnome2 (Ubuntu Gutsy)	Undecided	Won't Fix

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://ruby-gnome2.svn...
MISC: http://em386.blogspot....
SECUNIA: 27825
MISC: https://bugzilla.redha...
CONFIRM: http://bugs.gentoo.org...
FEDORA: FEDORA-2007-4216
FEDORA: FEDORA-2007-4229
GENTOO: GLSA-200712-09
BID: 26616
SECUNIA: 27975
SECUNIA: 28022
CONFIRM: http://bugs.debian.org...
DEBIAN: DSA-1431
SECUNIA: 28060
MANDRIVA: MDVSA-2008:033
SREASON: 3407
OSVDB: 40774
VUPEN: ADV-2007-4022
XF: rubygnome2-mdiaginitia...
BUGTRAQ: 20071127 Ruby/Gnome2 0...