Family: Debian Local Security Checks --> Category: infos
[DSA182] DSA-182-1 kdegraphics Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Zen-parse discovered a buffer overflow in gv, a PostScript and PDF
viewer for X11. The same code is present in kghostview which is part
of the KDE-Graphics package. This problem is triggered by scanning
the PostScript file and can be exploited by a possible hacker sending a
malformed PostScript or PDF file. The attacker is able to cause
arbitrary code to be run with the rights of the victim.
This problem has been fixed in version 2.2.2-6.8 for the current
stable distribution (woody) and in version 2.2.2-6.9 for the unstable
distribution (sid). The old stable distribution (potato) is not
affected since no KDE is included.
We recommend that you upgrade your kghostview package.
Solution : http://www.debian.org/security/2002/dsa-182
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.