Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0838

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2002-0838
Last Modified 10 Sep 2008 03:13:00
Published 10 Oct 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2002-0838

Summary

Buffer overflow in (1) gv 3.5.8 and earlier, (2) gvv 1.0.2 and earlier, (3) ggv 1.99.90 and earlier, (4) gnome-gv, and (5) kghostview in kdegraphics 2.2.2 and earlier, allows attackers to execute arbitrary code via a malformed (a) PDF or (b) PostScript file, which is processed by an unsafe call to sscanf.

Vulnerable Systems

Application

  • Ggv 1.0.2

  • Ghostview 1.3

  • Ghostview 1.4

  • Ghostview 1.4.1

  • Ghostview 1.5

  • Gv 2.7.6

  • Gv 2.7b1

  • Gv 2.7b2

  • Gv 2.7b3

  • Gv 2.7b4

  • Gv 2.7b5

  • Gv 2.9.4

  • Gv 3.0.0

  • Gv 3.0.4

  • Gv 3.1.4

  • Gv 3.1.6

  • Gv 3.2.4

  • Gv 3.4.12

  • Gv 3.4.2

  • Gv 3.4.3

  • Gv 3.5.2

  • Gv 3.5.3

  • Gv 3.5.8


References

CERT-VN - VU#600777

BID - 5808

REDHAT - RHSA-2002:212

BUGTRAQ - 20020926 iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv

REDHAT - RHSA-2002:220

REDHAT - RHSA-2002:207

CONFIRM - http://www.kde.org/info/security/advisory-20021008-1.txt

XF - gv-sscanf-function-bo(10201)

DEBIAN - DSA-182

DEBIAN - DSA-179

DEBIAN - DSA-176

CALDERA - CSSA-2002-053.0

MANDRAKE - MDKSA-2002:071

MANDRAKE - MDKSA-2002:069

CONFIRM - http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/47780&zone_32=category:security

BUGTRAQ - 20021017 GLSA: ggv

BUGTRAQ - 20020926 Errata: iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv

CONECTIVA - CLA-2002:542


Last Updated: 27 May 2016 10:37:06