ADVISORIES
- CVE-2007-6183 (NVD)
- GHSA-xgj6-pgrm-x4r2
- OSVDB-40774
GEM
SEVERITY
CVSS v2.0: 6.8 (Medium)
PATCHED VERSIONS
- > 0.16.0
DESCRIPTION
Format string vulnerability in the mdiag_initialize function in gtk/src/rbgtkmessagedialog.c in Ruby-GNOME 2 (aka Ruby/Gnome2) 0.16.0, and SVN versions before 20071127, allows context-dependent attackers to execute arbitrary code via format string specifiers in the message parameter.