Description
Multiple extfs backend scripts for GNOME virtual file system (VFS) before 1.0.1 may allow remote attackers to perform certain unauthorized actions via a gnome-vfs URI.
Affected products
- Avaya / cvlan
- RedHat / enterprise_linux2.1 – 2.1
- RedHat / enterprise_linux2.1 – 2.1
- RedHat / enterprise_linux2.1 – 2.1
- RedHat / enterprise_linux2.1 – 2.1
- RedHat / enterprise_linux2.1 – 2.1
- RedHat / enterprise_linux2.1 – 2.1
- RedHat / enterprise_linux3.0 – 3.0
- RedHat / enterprise_linux3.0 – 3.0
- RedHat / enterprise_linux3.0 – 3.0
- RedHat / enterprise_linux_desktop3.0 – 3.0
- RedHat / linux_advanced_workstation2.1 – 2.1
- RedHat / linux_advanced_workstation2.1 – 2.1
References
- MISChttps://bugzilla.fedora.us/show_bug.cgi?id=1944
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9854
- MISChttp://www.redhat.com/support/errata/RHSA-2004-373.html
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/16897
- MISChttp://rpmfind.net/linux/RPM/suse/9.3/i386/suse/i586/gnome-vfs-1.0.5-816.2.i586.html