134 matches found
Debian DSA-293-1 : kdelibs - insecure execution
The KDE team discovered a vulnerability in the way KDE uses Ghostscript software for processing of PostScript PS and PDF files. An attacker could provide a malicious PostScript or PDF file via mail or websites that could lead to executing arbitrary commands under the privileges of the user viewin...
CVE-2002-0836
dvips converter for Postscript files in the tetex package calls the system function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts...
GLSA-200408-10 : gv: Exploitable Buffer Overflow
The remote host is affected by the vulnerability described in GLSA-200408-10 gv: Exploitable Buffer Overflow gv contains a buffer overflow vulnerability where an unsafe sscanf call is used to interpret PDF and PostScript files. Impact : By enticing a user to view a malformed PDF or PostScript fil...
CVE-2004-1717
Multiple buffer overflows in the psscan function in ps.c for gv ghostview allow remote attackers to execute arbitrary code via a Postscript file with a long 1 BoundingBox, 2 comment, 3 Orientation, 4 PageOrder, or 5 Pages value...
CVE-2004-1717
Multiple buffer overflows in the psscan function in ps.c for gv ghostview allow remote attackers to execute arbitrary code via a Postscript file with a long 1 BoundingBox, 2 comment, 3 Orientation, 4 PageOrder, or 5 Pages value...
gv buffer overflow
Buffer overflow on parsing PDF and PS files...
RHEL 2.1 : ggv (RHSA-2002:211)
Updated packages for gv, ggv, and kdegraphics fix a local buffer overflow when reading malformed PDF or PostScript files. Updated 07 Jan 2003 Added fixed packages for the Itanium IA64 architecture. Updated 06 Feb 2003 Added fixed packages for Advanced Workstation 2.1 Gv and ggv are user interface...
[SECURITY] [DSA 293-1] New kdelibs packages fix arbitrary command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 293-1 [email protected] http://www.debian.org/security/ Martin Schulze April 23rd, 2003 http://www.debian.org/security/faq -...
DSA-293 kdelibs - insecure execution
Bulletin has no description...
CVE-2002-0836
dvips converter for Postscript files in the tetex package calls the system function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts...
KDE Security Advisory: KGhostview Arbitary Code Execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 KDE Security Advisory: KGhostview Arbitary Code Execution Original Release Date: 2002-10-08 URL: http://www.kde.org/info/security/advisory-20021008-1.txt 0. References cve.mitre.org: CAN-2002-0838 BUGTRAQ:20020926 iDEFENSE Security Advisory 09.26.2002...
DEBIAN-CVE-2002-0838
Buffer overflow in 1 gv 3.5.8 and earlier, 2 gvv 1.0.2 and earlier, 3 ggv 1.99.90 and earlier, 4 gnome-gv, and 5 kghostview in kdegraphics 2.2.2 and earlier, allows attackers to execute arbitrary code via a malformed a PDF or b PostScript file, which is processed by an unsafe call to sscanf...
iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 09.26.2002 Exploitable Buffer Overflow in gv DESCRIPTION The gv program that is shipped on many Unix systems contains a buffer overflow which can be exploited by an attacker sending a malformed postscript or Adobe pdf file...
BSD lpr 0.54 -4 - Arbitrary Command Execution
BSD lpr 0.54 -4 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/1834/info lpr is a set of printing tools for unix systems. The lpr package that ships with RedHat Linux 6.2 and possibly earlier versions contains a vulnerability that will allow an attacker to execute arbitra...