7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.016 Low
EPSS
Percentile
87.5%
GNOME VFS is the GNOME virtual file system. It provides a modular
architecture and ships with several modules that implement support for
various local and remote file systems as well as numerous protocols,
including HTTP, FTP, and others.
A buffer overflow flaw was discovered in the GNOME virtual file system when
handling data returned by CDDB servers. If a user connected to a malicious
CDDB server, an attacker could use this flaw to execute arbitrary code on
the victim’s machine. (CVE-2005-0706)
Users of gnome-vfs and gnome-vfs2 are advised to upgrade to these updated
packages, which contain a backported patch to correct this issue. All
running GNOME sessions must be restarted for the update to take effect.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | s390x | gnome-vfs2 | < 2.2.5-2E.3.3 | gnome-vfs2-2.2.5-2E.3.3.s390x.rpm |
RedHat | any | ia64 | gnome-vfs2 | < 2.2.5-2E.3.3 | gnome-vfs2-2.2.5-2E.3.3.ia64.rpm |
RedHat | any | i386 | gnome-vfs2-devel | < 2.2.5-2E.3.3 | gnome-vfs2-devel-2.2.5-2E.3.3.i386.rpm |
RedHat | any | ppc | gnome-vfs2 | < 2.2.5-2E.3.3 | gnome-vfs2-2.2.5-2E.3.3.ppc.rpm |
RedHat | any | i386 | gnome-vfs2 | < 2.2.5-2E.3.3 | gnome-vfs2-2.2.5-2E.3.3.i386.rpm |
RedHat | 4 | ppc | gnome-vfs2-devel | < 2.8.2-8.7.el4_7.2 | gnome-vfs2-devel-2.8.2-8.7.el4_7.2.ppc.rpm |
RedHat | 4 | ia64 | gnome-vfs2-devel | < 2.8.2-8.7.el4_7.2 | gnome-vfs2-devel-2.8.2-8.7.el4_7.2.ia64.rpm |
RedHat | any | ia64 | gnome-vfs2-devel | < 2.2.5-2E.3.3 | gnome-vfs2-devel-2.2.5-2E.3.3.ia64.rpm |
RedHat | 4 | i386 | gnome-vfs2-smb | < 2.8.2-8.7.el4_7.2 | gnome-vfs2-smb-2.8.2-8.7.el4_7.2.i386.rpm |
RedHat | any | s390 | gnome-vfs2 | < 2.2.5-2E.3.3 | gnome-vfs2-2.2.5-2E.3.3.s390.rpm |