PT-2004-2152 · Fluxbox · Fluxbox
Quith
·
Published
2004-12-15
·
Updated
2017-07-11
·
CVE-2004-1204
CVSS v2.0
2.1
Low
| Vector | AV:L/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions:
FluxBox versions 0.9.10 and earlier
Description:
The issue allows local users to cause a denial of service, resulting in an application crash. This can be achieved by calling Xman with a long
-title value, which may trigger a buffer overflow.Recommendations:
For FluxBox versions 0.9.10 and earlier, consider avoiding the use of long
-title values when calling Xman to prevent the application crash until a fix is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability. Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Fluxbox