2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:N/I:N/A:P
0.005 Low
EPSS
Percentile
77.3%
Format string vulnerability in gedit 2.10.2 may allow attackers to cause a denial of service (application crash) via a bin file with format string specifiers in the filename. NOTE: while this issue is triggered on the command line by the gedit user, it has been reported that web browsers and email clients could be configured to provide a file name as an argument to gedit, so there is a valid attack that crosses security boundaries.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | gedit | < 2.10.3-1 | gedit_2.10.3-1_all.deb |
Debian | 11 | all | gedit | < 2.10.3-1 | gedit_2.10.3-1_all.deb |
Debian | 10 | all | gedit | < 2.10.3-1 | gedit_2.10.3-1_all.deb |
Debian | 999 | all | gedit | < 2.10.3-1 | gedit_2.10.3-1_all.deb |
Debian | 13 | all | gedit | < 2.10.3-1 | gedit_2.10.3-1_all.deb |