CVE-2008-5660

Published Dec 17, 2008

Last updated 6 years ago

Overview

Description: Format string vulnerability in the vinagre_utils_show_error function (src/vinagre-utils.c) in Vinagre 0.5.x before 0.5.2 and 2.x before 2.24.2 might allow remote attackers to execute arbitrary code via format string specifiers in a crafted URI or VNC server response.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-134

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:gnome:vinagre:0.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3452AD7-94B2-4FA6-9DD8-B5E5AA1C80C0"
          },
          {
            "criteria": "cpe:2.3:a:gnome:vinagre:0.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "254ED642-8E14-4422-9783-91ABD738A64B"
          },
          {
            "criteria": "cpe:2.3:a:gnome:vinagre:2.23.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E2DED0A-F95D-49EE-B2B3-276E6FE13CAA"
          },
          {
            "criteria": "cpe:2.3:a:gnome:vinagre:2.23.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69169089-7DD3-4661-82F7-7E9E65FD2E55"
          },
          {
            "criteria": "cpe:2.3:a:gnome:vinagre:2.23.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "369596B8-8CF0-4C3A-8903-FCCC79637038"
          },
          {
            "criteria": "cpe:2.3:a:gnome:vinagre:2.23.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E333454-E615-4DA9-9BA0-18AB9FA8A339"
          },
          {
            "criteria": "cpe:2.3:a:gnome:vinagre:2.23.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D57BA5B7-4AF1-4C55-B4B9-824A4DBA43D6"
          },
          {
            "criteria": "cpe:2.3:a:gnome:vinagre:2.23.90:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC972FE9-6DCF-4922-AC01-2A561B33FDA9"
          },
          {
            "criteria": "cpe:2.3:a:gnome:vinagre:2.23.91:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1FDB9A16-3F87-47B9-B996-A22EBE103DF8"
          },
          {
            "criteria": "cpe:2.3:a:gnome:vinagre:2.23.92:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C67CCE9D-0AB5-4271-AF2D-D4BC4BD85926"
          },
          {
            "criteria": "cpe:2.3:a:gnome:vinagre:2.24.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F2F8034-8193-4CB3-9D8B-C1646133C918"
          },
          {
            "criteria": "cpe:2.3:a:gnome:vinagre:2.24.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E116D4D8-398A-4E24-AB6B-5C0E9BDC9245"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References