2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:N/I:N/A:P
0.006 Low
EPSS
Percentile
75.7%
gEdit is a small text editor designed specifically for the GNOME GUI desktop.
A file name format string vulnerability has been discovered in gEdit. It is
possible for an attacker to create a file with a carefully crafted name
which, when the file is opened, executes arbitrary instructions on a
victim’s machine. Although it is unlikely that a user would manually open a
file with such a carefully crafted file name, a user could, for example, be
tricked into opening such a file from within an email client. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2005-1686 to this issue.
Users of gEdit should upgrade to this updated package, which contains a
backported patch to correct this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | s390 | gedit | < 2.8.1-4 | gedit-2.8.1-4.s390.rpm |
RedHat | any | ia64 | gedit | < 2.8.1-4 | gedit-2.8.1-4.ia64.rpm |
RedHat | any | s390 | gedit-devel | < 2.8.1-4 | gedit-devel-2.8.1-4.s390.rpm |
RedHat | any | x86_64 | gedit | < 2.8.1-4 | gedit-2.8.1-4.x86_64.rpm |
RedHat | any | s390x | gedit-devel | < 2.8.1-4 | gedit-devel-2.8.1-4.s390x.rpm |
RedHat | any | ppc | gedit | < 2.8.1-4 | gedit-2.8.1-4.ppc.rpm |
RedHat | any | s390x | gedit | < 2.8.1-4 | gedit-2.8.1-4.s390x.rpm |
RedHat | any | src | gedit | < 2.8.1-4 | gedit-2.8.1-4.src.rpm |
RedHat | any | i386 | gedit | < 2.8.1-4 | gedit-2.8.1-4.i386.rpm |
RedHat | any | ia64 | gedit-devel | < 2.8.1-4 | gedit-devel-2.8.1-4.ia64.rpm |