DEBIAN-CVE-2006-5864

Stack-based buffer overflow in the psgettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript PS file with certain headers that contain long comments, as demonstrated using the 1 DocumentMedia, 2...

CVE-2006-5864

Stack-based buffer overflow in the psgettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript PS file with certain headers that contain long comments, as demonstrated using the 1 DocumentMedia, 2...

CVE-2006-5864

Technical details (affected product/component/versions/root cause/impact/remediation) are not publicly provided in the supplied documents. Monitor for updates from the connected sources for concrete information.

GNU GV浏览器ps_gettext()函数栈溢出漏洞

gv是X窗口系统下的PostScript和PDF文件浏览器。 gv在处理PS文件中畸形的头时存在缓冲区溢出漏洞，远程攻击者可能利用此漏洞在用户机器上执行任意指令。 gv浏览器的ps.c文件中的psgettext函数存在栈溢出漏洞，问题在于将PS文件的一些特定头（如%%DocumentMedia:）中的超长标注无条件的拷贝到了text（栈上257字节长的缓冲区），导致远程攻击者可以通过诱骗用户打开恶意的文件导致执行任意代码。 GNU gv 3.6.2 GNU gv 3.6.1 GNU gv 3.6 GNU gv 3.5.8...