Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Gentoo: GLSA-200704-06 Normal: Evince Stack Overflow Threat

gentoo
Calendar Grey April 7, 2007
Dist Gentoo Esm H88
Update Evince on Gentoo to address a stack overflow vulnerability that permits remote code execution via specially designed PostScript files.
Evince improperly handles user-supplied data possibly allowing for the execution of arbitrary code.

Summary

Gentoo Linux Security Advisory GLSA 200704-06 https://security.gentoo.org/ Severity: Normal Title: Evince: Stack overflow in included gv code Date: April 06, 2007 Bugs: #156573 ID: 200704-06

Synopsis ======= Evince improperly handles user-supplied data possibly allowing for the execution of arbitrary code.
Background ========= Evince is a document viewer for multiple document formats, including PostScript.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-text/evince < 0.6.1-r3 >= 0.6.1-r3
========== Evince includes code from GNU gv that does not properly boundary check user-supplied data before copying it into process buffers.
Impact ===== An attacker cou...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory gentoo arbitrary code execution stack overflow evince

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory gentoo arbitrary code execution stack overflow evince

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here