2801 matches found
gnugv362.txt
GNU gv Stack Overflow Vulnerability //----- Advisory Program : GNU gv Homepage : http://www.gnu.org/software/gv/ Tested version : 3.6.2 Found by : r.lifchitz at sysdream dot com This advisory : r.lifchitz at sysdream dot com Discovery date : 2006/11/06 Vendor notified : 2006/11/09 //-----...
CVE-2006-5864
Stack-based buffer overflow in the psgettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript PS file with certain headers that contain long comments, as demonstrated using the 1 DocumentMedia, 2...
DEBIAN-CVE-2006-5864
Stack-based buffer overflow in the psgettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript PS file with certain headers that contain long comments, as demonstrated using the 1 DocumentMedia, 2...
CVE-2006-5864
Stack-based buffer overflow in the psgettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript PS file with certain headers that contain long comments, as demonstrated using the 1 DocumentMedia, 2...
CVE-2006-5864
Technical details (affected product/component/versions/root cause/impact/remediation) are not publicly provided in the supplied documents. Monitor for updates from the connected sources for concrete information.
CVE-2006-5864
Stack-based buffer overflow in the psgettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript PS file with certain headers that contain long comments, as demonstrated using the 1 DocumentMedia, 2...
[Full-disclosure] GNU gv Stack Overflow Vulnerability
GNU gv Stack Overflow Vulnerability //----- Advisory Program : GNU gv Homepage : http://www.gnu.org/software/gv/ Tested version : 3.6.2 Found by : r.lifchitz at sysdream dot com This advisory : r.lifchitz at sysdream dot com Discovery date : 2006/11/06 Vendor notified : 2006/11/09 //-----...
GNU gv buffer overflow
Stack buffer overflow overrun on oversized PostScript comments...
Debian DSA-1124-1 : fbi - typo
Toth Andras discovered that the fbgs framebuffer postscript/PDF viewer contains a typo, which prevents the intended filter against malicious postscript commands from working correctly. This might lead to the deletion of user data when displaying a postscript file. %NASLMINLEVEL 70300 C Tenable...
Debian DSA-1021-1 : netpbm-free - insecure program execution
Max Vozeler from the Debian Audit Project discovered that pstopnm, a converter from Postscript to the PBM, PGM and PNM formats, launches Ghostscript in an insecure manner, which might lead to the execution of arbitrary shell commands, when converting specially crafted Postscript files...
Debian DSA-981-1 : bmv - integer overflow
'felinemalice' discovered an integer overflow in BMV, a post script viewer for SVGAlib, that may lead to the execution of arbitrary code through specially crafted Postscript files. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
GLSA-200608-22 : fbida: Arbitrary command execution
The remote host is affected by the vulnerability described in GLSA-200608-22 fbida: Arbitrary command execution Toth Andras has discovered a typographic mistake in the 'fbgs' script, shipped with fbida if the 'fbcon' and 'pdf' USE flags are both enabled. This script runs 'gs' without the -dSAFER...
fbida: Arbitrary command execution
Background fbida is a collection of image viewers and editors for the framebuffer console and X11. fbgs is a PostScript and PDF viewer for the linux framebuffer console. Description Toth Andras has discovered a typographic mistake in the "fbgs" script, shipped with fbida if the "fbcon" and "pdf"...
CVE-2006-3119
The fbgs framebuffer Postscript/PDF viewer in fbi before 2.01 has a typo that prevents a filter from working correctly, which allows user-assisted attackers to bypass the filter and execute malicious Postscript commands...
DEBIAN-CVE-2006-3119
The fbgs framebuffer Postscript/PDF viewer in fbi before 2.01 has a typo that prevents a filter from working correctly, which allows user-assisted attackers to bypass the filter and execute malicious Postscript commands...
CVE-2006-3119
The fbgs framebuffer Postscript/PDF viewer in fbi before 2.01 has a typo that prevents a filter from working correctly, which allows user-assisted attackers to bypass the filter and execute malicious Postscript commands...
CVE-2006-3119
The CVE-2006-3119 issue concerns the fbgs PostScript/PDF viewer component of fbida (before version 2.01). A typographic mistake in the fbgs script prevents the intended filter from working, allowing a user-assisted attacker to bypass the filter and cause the PostScript commands to execute. Eviden...
CVE-2006-3119
The fbgs framebuffer Postscript/PDF viewer in fbi before 2.01 has a typo that prevents a filter from working correctly, which allows user-assisted attackers to bypass the filter and execute malicious Postscript commands...
[SECURITY] [DSA 1124-1] New fbi packages fix potential deletion of user data
-------------------------------------------------------------------------- Debian Security Advisory DSA 1124-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 24th, 2006 http://www.debian.org/security/faq -...
DSA-1124 fbi - typo
Bulletin has no description...