Intrusion Prevention

GNU.GV.Stack.Buffer.Overflow

Description

GNU gv has a stack-based buffer overflow vulnerability. A remote attacker could execute arbitrary code on the system with the privileges of the victim, via a specially crafted PostScript file containing an overly long field. The vulnerable software packages are GNU gv and GNOME Evince.

Affected Products

GNU gv version 3.6.2 and prior
GNOME Evince version 0.6.1 and prior

Impact

Gain Access

Recommended Actions

Upgrade GNU gv :
http://www.gnu.org
Upgrade version 0.7 :
http://download.gnome.org/sources/evince/0.7/evince-0.7.0.tar.gz

CVE References

CVE-2006-5864