Bug 159018

Summary: gedit Filename Format String Issue
Product: [Retired] Fedora Legacy Reporter: John Dalbec <jpdalbec>
Component: geditAssignee: Fedora Legacy Bugs <bugs>
Status: CLOSED WONTFIX QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: rhl7.3CC: bugzilla.redhat
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
URL: http://www.securityfocus.com/archive/1/398634
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-08-30 19:57:04 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description John Dalbec 2005-05-27 20:08:02 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20050519 Netscape/8.0.1

Description of problem:
05.21.15 CVE: Not Available
Platform: Linux
Title: gedit Filename Format String Issue
Description: gedit is an open source text processing application. It
is vulnerable to a format string issue because the application is
unable to process filenames with malicious format specifiers. gEdit
version 2.2.0 is reported to be vulnerable.
Ref: http://www.securityfocus.com/archive/1/398634 

Version-Release number of selected component (if applicable):


How reproducible:
Couldn't Reproduce

Steps to Reproduce:
1.  See the URL for exploit steps.
2.
3.
  

Actual Results:  The exploit didn't run, but gedit reported that the file "AA%n%n%n.c" didn't exist so there's a format string problem somewhere.

Expected Results:  Gedit should have opened the file and displayed its (binary) contents.

Additional info:
Comment 1 Jesse Keating 2007-08-30 19:57:04 UTC 
Fedora Legacy project has ended.  These will not be fixed by Fedora Legacy.