Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 454
Alerts This Week
Warning Icon 1 454

Gentoo: GLSA 200703-24 Normal: mgv Stack Overflow Code Execution

gentoo
Calendar Grey March 26, 2007
Dist Gentoo Esm H88
Fedora Security Advisory 2021-05-12 highlights potential buffer overflow vulnerabilities in the xyz library, leading to unauthorized access. Explore safer options immediately.
mgv improperly handles user-supplied data possibly allowing for the execution of arbitrary code.

Summary

Gentoo Linux Security Advisory GLSA 200703-24 https://security.gentoo.org/ Severity: Normal Title: mgv: Stack overflow in included gv code Date: March 26, 2007 Bugs: #154645 ID: 200703-24

Synopsis ======= mgv improperly handles user-supplied data possibly allowing for the execution of arbitrary code.
Background ========= mgv is a Postscript viewer with a Motif interface, based on Ghostview and GNU gv.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-text/mgv <= 3.1.5 Vulnerable! ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers.
========== mgv includes code from gv that does not properly boundary check user-supplied data before copying it into process buffers.
Impact ===== An attacker could entice a user to open a specially crafted Postscript docu...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround