A buffer overflow vulnerability exists in the GNU gv viewer application. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code, or cause a denial-of-service condition.
From the GNU gv website:
GNU gv allows to view and navigate through PostScript and PDF documents on an X display by providing a user interface for the ghostscript interpreter.
A remote, unauthenticated attacker may be able to execute code with the privileges of the user running GNU gv.
Debian GNU/Linux Affected
Gentoo Linux Affected
Juniper Networks, Inc. Not Affected
Microsoft Corporation Not Affected
NetBSD Not Affected
Openwall GNU/*/Linux Not Affected
Apple Computer, Inc. Unknown
Conectiva Inc. Unknown
Cray Inc. Unknown
Engarde Secure Linux Unknown
F5 Networks, Inc. Unknown
Fedora Project Unknown
FreeBSD, Inc. Unknown
Hewlett-Packard Company Unknown
IBM Corporation Unknown
IBM Corporation (zseries) Unknown
IBM eServer Unknown
Immunix Communications, Inc. Unknown
Ingrian Networks, Inc. Unknown
Mandriva, Inc. Unknown
MontaVista Software, Inc. Unknown
NEC Corporation Unknown
Novell, Inc. Unknown
QNX, Software Systems, Inc. Unknown
Red Hat, Inc. Unknown
SUSE Linux Unknown
Silicon Graphics, Inc. Unknown
Slackware Linux Inc. Unknown
Sony Corporation Unknown
Sun Microsystems, Inc. Unknown
The SCO Group Unknown
Trustix Secure Linux Unknown
Wind River Systems, Inc. Unknown
This vulnerability was publicly reported by Renaud Lifchitz.
This document was written by Ryan Giobbi.
|Date First Published:||2006-11-28|
|Date Last Updated:||2006-12-01 20:42 UTC|