Red Hat Bugzilla – Bug 159018
gedit Filename Format String Issue
Last modified: 2007-08-30 15:57:04 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20050519 Netscape/8.0.1
Description of problem:
05.21.15 CVE: Not Available
Title: gedit Filename Format String Issue
Description: gedit is an open source text processing application. It
is vulnerable to a format string issue because the application is
unable to process filenames with malicious format specifiers. gEdit
version 2.2.0 is reported to be vulnerable.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. See the URL for exploit steps.
Actual Results: The exploit didn't run, but gedit reported that the file "AA%n%n%n.c" didn't exist so there's a format string problem somewhere.
Expected Results: Gedit should have opened the file and displayed its (binary) contents.
Fedora Legacy project has ended. These will not be fixed by Fedora Legacy.