Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 530
Alerts This Week
Warning Icon 1 530

Gentoo GLSA-200611-20 Normal: Risk of gv Stack Overflow Vulnerability

gentoo
Calendar Grey November 24, 2006
Dist Gentoo Esm H88
The GNU gv package within Gentoo has encountered a critical stack overflow vulnerability; it's essential to upgrade the software to safeguard against potential execution of arbitrary code.
GNU gv improperly handles user-supplied data possibly allowing for the execution of arbitrary code.

Summary

Gentoo Linux Security Advisory GLSA 200611-20 https://security.gentoo.org/ Severity: Normal Title: GNU gv: Stack overflow Date: November 24, 2006 Bugs: #154573 ID: 200611-20

Synopsis ======= GNU gv improperly handles user-supplied data possibly allowing for the execution of arbitrary code.
Background ========= GNU gv is a viewer for PostScript and PDF documents.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-text/gv < 3.6.2-r1 >= 3.6.2-r1
========== GNU gv does not properly boundary check user-supplied data before copying it into process buffers.
Impact ===== An attacker could entice a user to open a specially crafted document with GNU gv and execut...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround