Mageni Mageni Security LLC

Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Debian Security Advisory DSA 179-1 (gnome-gv)

Information

Severity

Severity

Medium

Family

Family

Debian Local Security Checks

CVSSv2 Base

CVSSv2 Base

4.6

CVSSv2 Vector

CVSSv2 Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Solution Type

Solution Type

Vendor Patch

Created

Created

16 years ago

Modified

Modified

6 years ago

Share

Summary

The remote host is missing an update to gnome-gv announced via advisory DSA 179-1.

Insight

Insight

Zen-parse discovered a buffer overflow in gv, a PostScript and PDF viewer for X11. The same code is present in gnome-gv. This problem is triggered by scanning the PostScript file and can be exploited by an attacker sending a malformed PostScript or PDF file. The attacker is able to cause arbitrary code to be run with the privileges of the victim. This problem has been fixed in version 1.1.96-3.1 for the current stable distribution (woody), in version 0.82-2.1 for the old stable distribution (potato) and version 1.99.7-9 for the unstable distribution (sid). We recommend that you upgrade your gnome-gv package.

Solution

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20179-1

Common Vulnerabilities and Exposures (CVE)