How to Buy
This script is Copyright (C) 2005-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing one or more security updates.
An updated gedit package that fixes a file name format string
vulnerability is now available.
This update has been rated as having moderate security impact by the
Red Hat Security Response Team
gEdit is a small text editor designed specifically for the GNOME GUI
A file name format string vulnerability has been discovered in gEdit.
It is possible for an attacker to create a file with a carefully
crafted name which, when the file is opened, executes arbitrary
instructions on a victim's machine. Although it is unlikely that a
user would manually open a file with such a carefully crafted file
name, a user could, for example, be tricked into opening such a file
from within an email client. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CVE-2005-1686 to this
Users of gEdit should upgrade to this updated package, which contains
a backported patch to correct this issue.
See also :
Update the affected gedit and / or gedit-devel packages.
Risk factor :
Low / CVSS Base Score : 2.6
CVSS Temporal Score : 2.1
Public Exploit Available : true
Family: Red Hat Local Security Checks
Nessus Plugin ID: 18473 ()
Bugtraq ID: 13699
CVE ID: CVE-2005-1686
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.