CVE-2008-3533
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2008-3533
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Format string vulnerability in the window_error function in yelp-window.c in yelp in Gnome after 2.19.90 and before 2.24 allows remote attackers to execute arbitrary code via format string specifiers in an invalid URI on the command line, as demonstrated by use of yelp within (1) man or (2) ghelp URI handlers in Firefox, Evolution, and unspecified other programs.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Yelp 格式化串 远程执行任意代码漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Yelp是Gnome中的帮助查看器。 yelp2.19.90至2.24之前的版本中yelp-window.c文件中window_erro函数在处理某些URI时会出现错误。 远程攻击者可以通过构造一个包含特殊格式串的无效URI,当用户使用Yelp打开该URI时,可能导致执行任意代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2008-3533
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2008-3533
Please Login to view more intelligence information
- https://bugs.launchpad.net/ubuntu/+source/yelp/+bug/254860x_refsource_CONFIRM
- http://bugzilla.gnome.org/show_bug.cgi?id=546364x_refsource_CONFIRM
- http://bugzilla.gnome.org/attachment.cgi?id=115890x_refsource_CONFIRM
- https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00222.htmlvendor-advisoryx_refsource_FEDORA
- http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.htmlvendor-advisoryx_refsource_SUSE
- https://nvd.nist.gov/vuln/detail/CVE-2008-3533
Same Patch Batch · n/a · 2008-08-18 · 11 CVEs total
| CVE-2008-2233 | Openwsman client SSL会话重放漏洞 | |
| CVE-2008-2234 | Openwsma 多个 缓冲区溢出漏洞 | |
| CVE-2008-3270 | RedHat yum-rhn-plugin 拒绝服务漏洞 | |
| CVE-2008-3276 | Linux kernel 数字错误漏洞 | |
| CVE-2008-3324 | PartyGaming PartyPoker client 远程代码执行漏洞 | |
| CVE-2008-3703 | Volume Manager Scheduler Service安全漏洞 | |
| CVE-2003-1563 | Oracle Sun Cluster 安全漏洞 | |
| CVE-2008-2936 | Postfix 权限许可和访问控制问题漏洞 | |
| CVE-2008-2937 | Postfix 本地信息泄露漏洞 | |
| CVE-2008-3704 | Microsoft 多个产品中 Msmask32.ocx 栈溢出漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8196
JeecgBoot mLogin Endpoint LoginController.java authorization - CVE-2026-8195
JeecgBoot SVG File CommonController.java cross site scriptin - CVE-2026-8194
osTicket Dispatcher class.dispatcher.php cross-site request - CVE-2026-8193
Akaunting Invoice PDF Rendering dompdf.php server-side reque - CVE-2026-8186
Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out-
V. Comments for CVE-2008-3533
No comments yet