CVE-2008-5660
CVE-2008-5660
Format string vulnerability in the vinagre_utils_show_error function (src/vinagre-utils.c) in Vinagre 0.5.x before 0.5.2 and 2.x before 2.24.2 might allow remote attackers to execute arbitrary code via format string specifiers in a crafted URI or VNC server response.
Affected products
n/a · n/apublic PoCs found — 1
cve_referencewww.exploit-db.com/exploits/7401unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://bugzilla.redhat.com/show_bug.cgi?id=475070http://secunia.com/advisories/33041http://secunia.com/advisories/33046http://secunia.com/advisories/33082https://www.exploit-db.com/exploits/7401https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00473.htmlhttps://www.redhat.com/archives/fedora-package-announce/2008-December/msg00485.htmlhttp://www.coresecurity.com/content/vinagre-format-stringhttp://www.mandriva.com/security/advisories?name=MDVSA-2008:240http://www.securityfocus.com/archive/1/499057/100/0/threadedhttp://www.ubuntu.com/usn/usn-689-1http://www.vupen.com/english/advisories/2008/3362