Unrated severityNVD Advisory· Published Dec 17, 2008· Updated Apr 23, 2026
CVE-2008-5660
CVE-2008-5660
Description
Format string vulnerability in the vinagre_utils_show_error function (src/vinagre-utils.c) in Vinagre 0.5.x before 0.5.2 and 2.x before 2.24.2 might allow remote attackers to execute arbitrary code via format string specifiers in a crafted URI or VNC server response.
Affected products
12cpe:2.3:a:gnome:vinagre:0.5.0:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:a:gnome:vinagre:0.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:vinagre:0.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:vinagre:2.23.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:vinagre:2.23.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:vinagre:2.23.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:vinagre:2.23.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:vinagre:2.23.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:vinagre:2.23.90:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:vinagre:2.23.91:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:vinagre:2.23.92:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:vinagre:2.24.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:vinagre:2.24.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
12- www.coresecurity.com/content/vinagre-format-stringnvdExploit
- secunia.com/advisories/33041nvdVendor Advisory
- secunia.com/advisories/33046nvdVendor Advisory
- secunia.com/advisories/33082nvdVendor Advisory
- www.mandriva.com/security/advisoriesnvdVendor Advisory
- www.ubuntu.com/usn/usn-689-1nvdVendor Advisory
- www.securityfocus.com/archive/1/499057/100/0/threadednvd
- www.vupen.com/english/advisories/2008/3362nvd
- bugzilla.redhat.com/show_bug.cginvd
- www.exploit-db.com/exploits/7401nvd
- www.redhat.com/archives/fedora-package-announce/2008-December/msg00473.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2008-December/msg00485.htmlnvd
News mentions
0No linked articles in our index yet.