evince -- Buffer Overflow Vulnerability

2006-11-27T00:00:00
ID 779A2D55-8BA8-11DB-81D5-00123FFE8333
Type freebsd
Reporter FreeBSD
Modified 2006-11-27T00:00:00

Description

Secunia reports:

A vulnerability has been discovered in Evince, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the "get_next_text()" function in ps/ps.c. This can be exploited to cause a buffer overflow by e.g. tricking a user into opening a specially crafted PostScript file.