MidnightBSD

Advisories for ghostview

CVE-2002-0838 MEDIUM

Buffer overflow in (1) gv 3.5.8 and earlier, (2) gvv 1.0.2 and earlier, (3) ggv 1.99.90 and earlier, (4) gnome-gv, and (5) kghostview in kdegraphics 2.2.2 and earlier, allows attackers to execute arbitrary code via a malformed (a) PDF or (b) PostScript file, which is processed by an unsafe call to sscanf.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gv gv 3.0.4
ghostview ghostview 1.4.1
ghostview ghostview 1.5
gv gv 3.1.4
gv gv 2.7b5
gv gv 3.4.3
ghostview ghostview 1.3
gv gv 2.9.4
gv gv 3.4.12
gv gv 3.5.3
gv gv 3.4.2
gv gv 3.2.4
gv gv 3.5.2
gv gv 2.7.6
gv gv 3.1.6
gv gv 3.0.0
gv gv 3.5.8
gv gv 2.7b3
gv gv 2.7b4
ggv ggv 1.0.2
gv gv 2.7b1
gv gv 2.7b2
ghostview ghostview 1.4
CVE-2002-1569 HIGH

gv 3.5.8, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the filename for (1) a PDF file or (2) a gzip file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gv gv 3.0.4
ghostview ghostview 1.4.1
ghostview ghostview 1.5
gv gv 3.1.4
gv gv 2.7b5
gv gv 3.4.3
ghostview ghostview 1.3
gv gv 2.9.4
gv gv 3.4.12
gv gv 3.5.3
gv gv 3.4.2
gv gv 3.2.4
gv gv 3.5.2
gv gv 2.7.6
gv gv 3.1.6
gv gv 3.0.0
gv gv 3.5.8
gv gv 2.7b3
gv gv 2.7b4
gv gv 2.7b1
gv gv 2.7b2
ghostview ghostview 1.4