|
Family: Debian Local Security Checks --> Category: infos
[DSA1243] DSA-1243-1 evince Vulnerability Scan
Vulnerability Scan Summary DSA-1243-1 evince
Detailed Explanation for this Vulnerability Test
Renaud Lifchitz discovered that gv, the PostScript and PDF viewer for X,
performs insufficient boundary checks in the Postscript parsing code,
which allows the execution of arbitrary code through a buffer overflow.
Evince embeds a copy of gv and needs an update as well.
For the stable distribution (sarge) this problem has been fixed in
version 0.1.5-2sarge1.
For the upcoming stable distribution (etch) this problem has been
fixed in version 0.4.0-3.
For the unstable distribution (sid) this problem has been fixed in
version 0.4.0-3.
We recommend that you upgrade your evince package.
Solution : http://www.debian.org/security/2006/dsa-1243
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|