Debian: DSA 183-1 Urgent: kdegraphics Buffer Overflow Exploit
debian
October 28, 2002
This problem is triggered by scanningthe PostScript file and can be exploited by an attacker sending amalformed PostScript or PDF file
Summary
Zen-parse discovered a buffer overflow in gv, a PostScript and PDF
viewer for X11. The same code is present in kghostview which is part
of the KDE-Graphics package. This problem is triggered by scanning
the PostScript file and can be exploited by an attacker sending a
malformed PostScript or PDF file. The attacker is able to cause
arbitrary code to be run with the privileges of the victim.
This problem has been fixed in version 2.2.2-6.8 for the current
stable distribution (woody) and in version 2.2.2-6.9 for the unstable
distribution (sid). The old stable distribution (potato) is not
affected since no KDE is included.
We recommend that you upgrade your kghostview package.
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automate...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: kdegraphics
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!