CVE-2008-3971
EPSS 5.7%
描述
Heap-based buffer overflow in the open_man_file function in callbacks.c in gmanedit 0.4.1 allows remote attackers to execute arbitrary code via a crafted man page, which is not properly handled during utf8 conversion. NOTE: another overflow was reported using a configuration file, but that vector does not have a scenario that crosses privilege boundaries.
如何修補 CVE-2008-3971
要修補 CVE-2008-3971,請將受影響套件升級到下列已修補版本。
- Debian/gmanedit—升級至 0.4.1-1.1 或更新版本
CVE-2008-3971 正在被利用嗎?
中等 — EPSS 為 5.7%,可持續追蹤但非最高優先。
受影響套件(1)
- from 0, < 0.4.1-1.1