FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-27 18:04:16 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
214e8e07-d369-11dd-b800-001b77d09812vinagre -- format string vulnerability

CORE Security Technologies reports:

A format string error has been found on the vinagre_utils_show_error() function that can be exploited via commands issued from a malicious server containing format string specifiers on the VNC name.

In a web based attack scenario, the user would be required to connect to a malicious server. Successful exploitation would then allow the attacker to execute arbitrary code with the privileges of the Vinagre user.


Discovery 2008-12-09
Entry 2008-12-31
Modified 2010-05-02
vinagre
< 0.5.2

32682
CVE-2008-5660
http://www.coresecurity.com/content/vinagre-format-string
http://ftp.gnome.org/pub/GNOME/sources/vinagre/0.5/vinagre-0.5.2.news