evince vulnerability

2006-12-06T00:00:00
ID USN-390-2
Type ubuntu
Reporter Ubuntu
Modified 2006-12-06T00:00:00

Description

USN-390-1 fixed a vulnerability in evince. The original fix did not
fully solve the problem, allowing for a denial of service in certain
situations.

Original advisory details:

A buffer overflow was discovered in the PostScript processor included
in evince. By tricking a user into opening a specially crafted PS
file, an attacker could crash evince or execute arbitrary code with
the user's privileges.