CVE-2008-3533 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2008-3533 Interim 1 3 2021-06-09T08:45:54Z current 2021-05-30T12:43:30Z 2021-06-09T08:45:54Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2008-3533 Format string vulnerability in the window_error function in yelp-window.c in yelp in Gnome after 2.19.90 and before 2.24 allows remote attackers to execute arbitrary code via format string specifiers in an invalid URI on the command line, as demonstrated by use of yelp within (1) man or (2) ghelp URI handlers in Firefox, Evolution, and unspecified other programs. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html E-Mail link for SUSE-SR:2008:024 https://www.suse.com/support/security/rating/ SUSE Security Ratings Format string vulnerability in the window_error function in yelp-window.c in yelp in Gnome after 2.19.90 and before 2.24 allows remote attackers to execute arbitrary code via format string specifiers in an invalid URI on the command line, as demonstrated by use of yelp within (1) man or (2) ghelp URI handlers in Firefox, Evolution, and unspecified other programs. CVE-2008-3533 critical 10 AV:N/AC:L/Au:N/C:C/I:C/A:C