Possible string format attack
Bug #305623 reported by
Emilio Pozuelo Monfort
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
vinagre (Ubuntu) |
Fix Released
|
High
|
Emilio Pozuelo Monfort | ||
Hardy |
Fix Released
|
High
|
Emilio Pozuelo Monfort | ||
Intrepid |
Fix Released
|
High
|
Emilio Pozuelo Monfort |
Bug Description
Binary package hint: vinagre
There's a security issue in Vinagre, where a user could cause a string format attack.
These are the relevant upstream commits:
http://
http://
The problem is in src/vinagre-utils.c @ vinagre_
The affected releases are Hardy, Intrepid and Jaunty.
Thanks Kees and James for your help!
Changed in vinagre: | |
importance: | Undecided → High |
status: | New → Triaged |
Changed in vinagre: | |
assignee: | nobody → pochu |
assignee: | nobody → pochu |
importance: | Undecided → High |
status: | New → Triaged |
To post a comment you must log in.
Reproducer, from the command-line: vinagre %n
Segv on hardy, fortify-abort on intrepid (and jaunty).