ID CVE-2005-1686
Summary Format string vulnerability in gedit 2.10.2 may allow attackers to cause a denial of service (application crash) via a bin file with format string specifiers in the filename. NOTE: while this issue is triggered on the command line by the gedit user, it has been reported that web browsers and email clients could be configured to provide a file name as an argument to gedit, so there is a valid attack that crosses security boundaries.
Vulnerable Configurations
  • cpe:2.3:a:gnome:gedit:2.10.2
CVSS
Base: 2.6 (as of 26-05-2005 - 11:34)
Impact:
Exploitability:
Access
Vector NETWORK
Complexity HIGH
Authentication NONE
Impact
Confidentiality NONE
Integrity NONE
Availability PARTIAL
exploit-db via4
description Gedit 2.x Filename Format String Vulnerability. CVE-2005-1686. Local exploit for linux platform
id EDB-ID:25688
last seen 2016-02-03
modified 2005-05-30
published 2005-05-30
reporter jsk:exworm
source https://www.exploit-db.com/download/25688/
title Gedit 2.x Filename Format String Vulnerability
nessus via4
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2005-499.NASL
    description An updated gedit package that fixes a file name format string vulnerability is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. gEdit is a small text editor designed specifically for the GNOME GUI desktop. A file name format string vulnerability has been discovered in gEdit. It is possible for an attacker to create a file with a carefully crafted name which, when the file is opened, executes arbitrary instructions on a victim's machine. Although it is unlikely that a user would manually open a file with such a carefully crafted file name, a user could, for example, be tricked into opening such a file from within an email client. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1686 to this issue. Users of gEdit should upgrade to this updated package, which contains a backported patch to correct this issue.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 21832
    published 2006-07-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21832
    title CentOS 3 / 4 : gedit (CESA-2005:499)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200506-09.NASL
    description The remote host is affected by the vulnerability described in GLSA-200506-09 (gedit: Format string vulnerability) A format string vulnerability exists when opening files with names containing format specifiers. Impact : A specially crafted file with format specifiers in the filename can cause arbitrary code execution. Workaround : There are no known workarounds at this time.
    last seen 2019-02-21
    modified 2018-11-19
    plugin id 18466
    published 2005-06-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18466
    title GLSA-200506-09 : gedit: Format string vulnerability
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-773.NASL
    description This advisory adds security support for the stable amd64 distribution. It covers all security updates since the release of sarge, which were missing updated packages for the not yet official amd64 port. Future security advisories will include updates for this port as well.
    last seen 2019-02-21
    modified 2018-08-09
    plugin id 57528
    published 2012-01-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=57528
    title Debian DSA-773-1 : amd64 - several vulnerabilities
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-753.NASL
    description A format string vulnerability has been discovered in gedit, a light-weight text editor for GNOME, that may allow attackers to cause a denial of service (application crash) via a binary file with format string specifiers in the filename. Since gedit supports opening files via 'http://' URLs (through GNOME vfs) and other schemes, this might be a remotely exploitable vulnerability. The old stable distribution (woody) is not vulnerable to this problem.
    last seen 2019-02-21
    modified 2018-08-09
    plugin id 18674
    published 2005-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18674
    title Debian DSA-753-1 : gedit - format string
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2005-499.NASL
    description An updated gedit package that fixes a file name format string vulnerability is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. gEdit is a small text editor designed specifically for the GNOME GUI desktop. A file name format string vulnerability has been discovered in gEdit. It is possible for an attacker to create a file with a carefully crafted name which, when the file is opened, executes arbitrary instructions on a victim's machine. Although it is unlikely that a user would manually open a file with such a carefully crafted file name, a user could, for example, be tricked into opening such a file from within an email client. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1686 to this issue. Users of gEdit should upgrade to this updated package, which contains a backported patch to correct this issue.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 18473
    published 2005-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18473
    title RHEL 3 / 4 : gedit (RHSA-2005:499)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_E319DA0BA22811DAB410000E0C2E438A.NASL
    description Yan Feng reports a format string vulnerability in gedit. This vulnerability could cause a denial of service with a binary file that contains format string characters within the filename. It had been reported that web browsers and email clients can be configured to provide a filename as an argument to gedit.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 21524
    published 2006-05-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21524
    title FreeBSD : gedit -- format string vulnerability (e319da0b-a228-11da-b410-000e0c2e438a)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_143740-01.NASL
    description SunOS 5.10_x86: Gedit patch. Date this patch was last updated by Sun : May/04/10
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 108056
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=108056
    title Solaris 10 (x86) : 143740-01
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_143739-01.NASL
    description SunOS 5.10: Gedit patch. Date this patch was last updated by Sun : May/04/10
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107562
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107562
    title Solaris 10 (sparc) : 143739-01
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_120287-03.NASL
    description GNOME 2.6.0_x86: Gnome text editor Patch. Date this patch was last updated by Sun : Jun/04/10
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107862
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107862
    title Solaris 10 (x86) : 120287-03
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_120286-03.NASL
    description GNOME 2.6.0: Gnome text editor Patch. Date this patch was last updated by Sun : Jun/04/10
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107360
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107360
    title Solaris 10 (sparc) : 120286-03
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_10253.NASL
    description Gedit had a format string bug in the filename handling, potentially allowing an attacker to execute arbitrary code. This bug has been fixed. (CVE-2005-1686)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 41075
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41075
    title SuSE9 Security Update : gedit (YOU Patch Number 10253)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2005-102.NASL
    description A vulnerability was discovered in gEdit where it was possible for an attacker to create a file with a carefully crafted name which, when opened, executed arbitrary code on the victim's computer. It is highly unlikely that a user would open such a file, due to the file name, but could possibly be tricked into opening it. The updated packages have been patched to correct this problem.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 18499
    published 2005-06-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18499
    title Mandrake Linux Security Advisory : gedit (MDKSA-2005:102)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-138-1.NASL
    description A format string vulnerability has been discovered in gedit. Calling the program with specially crafted file names caused a buffer overflow, which could be exploited to execute arbitrary code with the privileges of the gedit user. This becomes security relevant if e.g. your web browser is configured to open URLs in gedit. If you never open untrusted file names or URLs in gedit, this flaw does not affect you. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 20530
    published 2006-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20530
    title Ubuntu 4.10 / 5.04 : gedit vulnerability (USN-138-1)
oval via4
  • accepted 2007-02-20T13:39:37.408-05:00
    class vulnerability
    contributors
    • name Jay Beale
      organization Bastille Linux
    • name Bob Towbes
      organization Independent Contributor
    description Format string vulnerability in gedit 2.10.2 may allow attackers to cause a denial of service (application crash) via a bin file with format string specifiers in the filename. NOTE: while this issue is triggered on the command line by the gedit user, it has been reported that web browsers and email clients could be configured to provide a file name as an argument to gedit, so there is a valid attack that crosses security boundaries.
    family unix
    id oval:org.mitre.oval:def:1245
    status accepted
    submitted 2005-07-11T12:00:00.000-04:00
    title gedit Format String Vulnerability
    version 5
  • accepted 2013-04-29T04:22:43.772-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    • comment The operating system installed on the system is Red Hat Enterprise Linux 4
      oval oval:org.mitre.oval:def:11831
    • comment CentOS Linux 4.x
      oval oval:org.mitre.oval:def:16636
    • comment Oracle Linux 4.x
      oval oval:org.mitre.oval:def:15990
    description Format string vulnerability in gedit 2.10.2 may allow attackers to cause a denial of service (application crash) via a bin file with format string specifiers in the filename. NOTE: while this issue is triggered on the command line by the gedit user, it has been reported that web browsers and email clients could be configured to provide a file name as an argument to gedit, so there is a valid attack that crosses security boundaries.
    family unix
    id oval:org.mitre.oval:def:9845
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title Format string vulnerability in gedit 2.10.2 may allow attackers to cause a denial of service (application crash) via a bin file with format string specifiers in the filename. NOTE: while this issue is triggered on the command line by the gedit user, it has been reported that web browsers and email clients could be configured to provide a file name as an argument to gedit, so there is a valid attack that crosses security boundaries.
    version 23
redhat via4
advisories
rhsa
id RHSA-2005:499
refmap via4
bugtraq 20050520 pst.advisory: gedit fun. opensource is god .lol windows
debian DSA-753
gentoo GLSA-200506-09
suse SUSE-SA:2005:036
ubuntu USN-138-1
Last major update 17-10-2016 - 23:21
Published 20-05-2005 - 00:00
Last modified 03-10-2018 - 17:30