Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200408-10] gv: Exploitable Buffer Overflow Vulnerability Scan
Vulnerability Scan Summary
gv: Exploitable Buffer Overflow
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200408-10
(gv: Exploitable Buffer Overflow)
gv contains a buffer overflow vulnerability where an unsafe sscanf() call
is used to interpret PDF and PostScript files.
By enticing a user to view a malformed PDF or PostScript file a possible hacker
could execute arbitrary code with the permissions of the user running gv.
There is no known workaround at this time. All users are encouraged to
upgrade to the latest available version of gv.
All gv users should upgrade to the latest version:
# emerge sync
# emerge -pv ">=app-text/gv-3.5.8-r4"
# emerge ">=app-text/gv-3.5.8-r4"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.