CVE-2001-0927
GNOME libgtop_daemon <= 1.0.12 - Remote Code Execution via Format String in permitted Function
Title source: llmDescription
Format string vulnerability in the permitted function of GNOME libgtop_daemon in libgtop 1.0.12 and earlier allows remote attackers to execute arbitrary code via an argument that contains format specifiers that are passed into the (1) syslog_message and (2) syslog_io_message functions.
References (3)
Core 3
Core References
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=100689302316077&w=2
Various Sources x_refsource_misc
ftp://ftp.gnome.org/pub/GNOME/stable/sources/libgtop/libgtop-1.0.13.tar.gz
Patch, Vendor Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2002/dsa-098
Scores
EPSS
0.0205
EPSS Percentile
84.1%
Details
Status
published
Products (4)
gnome/libgtop_daemon
1.0.6
gnome/libgtop_daemon
1.0.7
gnome/libgtop_daemon
1.0.9
gnome/libgtop_daemon
1.0.12
Published
Nov 27, 2001
Tracked Since
Feb 18, 2026