DEBIAN-CVE-2008-3533

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2008-3533

Import Source

https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2008-3533.json

JSON Data

https://api.osv.dev/v1/vulns/DEBIAN-CVE-2008-3533

Upstream

CVE-2008-3533

Published

2008-08-18T17:41:00Z

Modified

2025-09-25T00:06:47.859509Z

Summary

[none]

Details

Format string vulnerability in the window_error function in yelp-window.c in yelp in Gnome after 2.19.90 and before 2.24 allows remote attackers to execute arbitrary code via format string specifiers in an invalid URI on the command line, as demonstrated by use of yelp within (1) man or (2) ghelp URI handlers in Firefox, Evolution, and unspecified other programs.

References

https://security-tracker.debian.org/tracker/CVE-2008-3533

Affected packages

Debian:11 / yelp

Package

Name: yelp
Purl: pkg:deb/debian/yelp?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.22.1-4

Ecosystem specific

{
    "urgency": "low"
}

Debian:12 / yelp

Package

Name: yelp
Purl: pkg:deb/debian/yelp?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.22.1-4

Ecosystem specific

{
    "urgency": "low"
}

Debian:13 / yelp

Package

Name: yelp
Purl: pkg:deb/debian/yelp?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.22.1-4

Ecosystem specific

{
    "urgency": "low"
}

Debian:14 / yelp

Package

Name: yelp
Purl: pkg:deb/debian/yelp?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.22.1-4

Ecosystem specific

{
    "urgency": "low"
}