Mandriva Update For Yelp MDVSA-2008:175 (yelp) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A format string vulnerability was discovered in yelp after version 2.19.90 and before 2.24 that could allow remote attackers to execute arbitrary code via format string specifiers in an invalid URI on the command-line or via URI helpers in Firefox, Evolution, or possibly other programs (CVE-2008-3533). The updated packages have been patched to correct this issue.

Affected

yelp on Mandriva Linux 2008.0, Mandriva Linux 2008.0/X86_64, Mandriva Linux 2008.1, Mandriva Linux 2008.1/X86_64

Severity

Classification

CVE CVE-2008-3533
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:030 (amarok)
Mandrake Security Advisory MDVSA-2009:023 (php)
Mandrake Security Advisory MDVSA-2009:078 (evolution-data-server)
Mandrake Security Advisory MDVSA-2009:076 (avahi)
Mandrake Security Advisory MDVSA-2009:149 (apache)

Mandriva Update for yelp MDVSA-2008:175 (yelp)

Take action and discover your vulnerabilities