|
Family: Debian Local Security Checks --> Category: infos
[DSA176] DSA-176-1 gv Vulnerability Scan
Vulnerability Scan Summary DSA-176-1 gv
Detailed Explanation for this Vulnerability Test
Zen-parse discovered a buffer overflow in gv, a PostScript and PDF
viewer for X11. This problem is triggered by scanning the PostScript
file and can be exploited by a possible hacker sending a malformed
PostScript or PDF file. The attacker is able to cause arbitrary code
to be run with the rights of the victim.
This problem has been fixed in version 3.5.8-26.1 for the current
stable distribution (woody), in version 3.5.8-17.1 for the old stable
distribution (potato) and version 3.5.8-27 for the unstable
distribution (sid).
We recommend that you upgrade your gv package.
Solution : http://www.debian.org/security/2002/dsa-176
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|