DescriptionFormat string vulnerability in gedit 2.10.2 may allow attackers to cause a denial of service (application crash) via a bin file with format string specifiers in the filename. NOTE: while this issue is triggered on the command line by the gedit user, it has been reported that web browsers and email clients could be configured to provide a file name as an argument to gedit, so there is a valid attack that crosses security boundaries.
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
SUSE Security Advisories:
- SUSE-SA:2005:036, published Fri, 24 Jun 2005 12:01:00
SUSE Timeline for this CVECVE page created: Fri Jun 28 01:24:09 2013
CVE page last modified: Fri Oct 7 12:45:30 2022