Solution
Please Install the Updated Packages.
Insight
A format string vulnerability was discovered in yelp after version 2.19.90 and before 2.24 that could allow remote attackers to execute arbitrary code via format string specifiers in an invalid URI on the command-line or via URI helpers in Firefox, Evolution, or possibly other programs (CVE-2008-3533).
The updated packages have been patched to correct this issue.
Affected
yelp on Mandriva Linux 2008.0,
Mandriva Linux 2008.0/X86_64,
Mandriva Linux 2008.1,
Mandriva Linux 2008.1/X86_64
Severity
Classification
-
CVE CVE-2008-3533 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities