2744 matches found
evince -- Buffer Overflow Vulnerability
Secunia reports: A vulnerability has been discovered in Evince, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the "getnexttext" function in ps/ps.c. This can be exploited to cause a buffer overflow by e.g...
GNU gv: Stack overflow
Background GNU gv is a viewer for PostScript and PDF documents. Description GNU gv does not properly boundary check user-supplied data before copying it into process buffers. Impact An attacker could entice a user to open a specially crafted document with GNU gv and execute arbitrary code with th...
DSA-1214 gv
Bulletin has no description...
gnugv362.txt
GNU gv Stack Overflow Vulnerability //----- Advisory Program : GNU gv Homepage : http://www.gnu.org/software/gv/ Tested version : 3.6.2 Found by : r.lifchitz at sysdream dot com This advisory : r.lifchitz at sysdream dot com Discovery date : 2006/11/06 Vendor notified : 2006/11/09 //-----...
CVE-2006-5864
Stack-based buffer overflow in the psgettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript PS file with certain headers that contain long comments, as demonstrated using the 1 DocumentMedia, 2...
DEBIAN-CVE-2006-5864
Stack-based buffer overflow in the psgettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript PS file with certain headers that contain long comments, as demonstrated using the 1 DocumentMedia, 2...
CVE-2006-5864
Stack-based buffer overflow in the psgettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript PS file with certain headers that contain long comments, as demonstrated using the 1 DocumentMedia, 2...
CVE-2006-5864
Stack-based buffer overflow in the psgettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript PS file with certain headers that contain long comments, as demonstrated using the 1 DocumentMedia, 2...
CVE-2006-5864
Technical details (affected product/component/versions/root cause/impact/remediation) are not publicly provided in the supplied documents. Monitor for updates from the connected sources for concrete information.
[Full-disclosure] GNU gv Stack Overflow Vulnerability
GNU gv Stack Overflow Vulnerability //----- Advisory Program : GNU gv Homepage : http://www.gnu.org/software/gv/ Tested version : 3.6.2 Found by : r.lifchitz at sysdream dot com This advisory : r.lifchitz at sysdream dot com Discovery date : 2006/11/06 Vendor notified : 2006/11/09 //-----...
GNU gv buffer overflow
Stack buffer overflow overrun on oversized PostScript comments...
Debian DSA-1021-1 : netpbm-free - insecure program execution
Max Vozeler from the Debian Audit Project discovered that pstopnm, a converter from Postscript to the PBM, PGM and PNM formats, launches Ghostscript in an insecure manner, which might lead to the execution of arbitrary shell commands, when converting specially crafted Postscript files...
Debian DSA-1124-1 : fbi - typo
Toth Andras discovered that the fbgs framebuffer postscript/PDF viewer contains a typo, which prevents the intended filter against malicious postscript commands from working correctly. This might lead to the deletion of user data when displaying a postscript file. %NASLMINLEVEL 70300 C Tenable...
Debian DSA-981-1 : bmv - integer overflow
'felinemalice' discovered an integer overflow in BMV, a post script viewer for SVGAlib, that may lead to the execution of arbitrary code through specially crafted Postscript files. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
GLSA-200608-22 : fbida: Arbitrary command execution
The remote host is affected by the vulnerability described in GLSA-200608-22 fbida: Arbitrary command execution Toth Andras has discovered a typographic mistake in the 'fbgs' script, shipped with fbida if the 'fbcon' and 'pdf' USE flags are both enabled. This script runs 'gs' without the -dSAFER...
fbida: Arbitrary command execution
Background fbida is a collection of image viewers and editors for the framebuffer console and X11. fbgs is a PostScript and PDF viewer for the linux framebuffer console. Description Toth Andras has discovered a typographic mistake in the "fbgs" script, shipped with fbida if the "fbcon" and "pdf"...
CVE-2006-3119
The fbgs framebuffer Postscript/PDF viewer in fbi before 2.01 has a typo that prevents a filter from working correctly, which allows user-assisted attackers to bypass the filter and execute malicious Postscript commands...
CVE-2006-3119
The fbgs framebuffer Postscript/PDF viewer in fbi before 2.01 has a typo that prevents a filter from working correctly, which allows user-assisted attackers to bypass the filter and execute malicious Postscript commands...
DEBIAN-CVE-2006-3119
The fbgs framebuffer Postscript/PDF viewer in fbi before 2.01 has a typo that prevents a filter from working correctly, which allows user-assisted attackers to bypass the filter and execute malicious Postscript commands...
CVE-2006-3119
The fbgs framebuffer Postscript/PDF viewer in fbi before 2.01 has a typo that prevents a filter from working correctly, which allows user-assisted attackers to bypass the filter and execute malicious Postscript commands...