MidnightBSD

Advisories for gv

CVE-2002-0838 MEDIUM

Buffer overflow in (1) gv 3.5.8 and earlier, (2) gvv 1.0.2 and earlier, (3) ggv 1.99.90 and earlier, (4) gnome-gv, and (5) kghostview in kdegraphics 2.2.2 and earlier, allows attackers to execute arbitrary code via a malformed (a) PDF or (b) PostScript file, which is processed by an unsafe call to sscanf.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gv gv 2.7b5
gv gv 3.4.2
gv gv 2.7b1
gv gv 3.4.3
gv gv 2.9.4
gv gv 3.0.4
gv gv 2.7.6
gv gv 3.5.2
gv gv 2.7b4
ghostview ghostview 1.3
gv gv 3.5.3
ghostview ghostview 1.4.1
gv gv 2.7b3
gv gv 3.0.0
gv gv 3.1.4
ghostview ghostview 1.4
ghostview ghostview 1.5
gv gv 2.7b2
gv gv 3.1.6
gv gv 3.2.4
gv gv 3.4.12
gv gv 3.5.8
ggv ggv 1.0.2
CVE-2002-1569 HIGH

gv 3.5.8, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the filename for (1) a PDF file or (2) a gzip file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gv gv 2.7b5
gv gv 3.4.2
gv gv 2.7b1
gv gv 3.4.3
gv gv 2.9.4
gv gv 3.0.4
gv gv 2.7.6
gv gv 3.5.2
gv gv 2.7b4
ghostview ghostview 1.3
gv gv 3.5.3
ghostview ghostview 1.4.1
gv gv 2.7b3
gv gv 3.0.0
gv gv 3.1.4
ghostview ghostview 1.4
ghostview ghostview 1.5
gv gv 2.7b2
gv gv 3.1.6
gv gv 3.2.4
gv gv 3.4.12
gv gv 3.5.8
CVE-2004-1717 HIGH

Multiple buffer overflows in the psscan function in ps.c for gv (ghostview) allow remote attackers to execute arbitrary code via a Postscript file with a long (1) BoundingBox, (2) comment, (3) Orientation, (4) PageOrder, or (5) Pages value.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gv gv 2.7b5
gv gv 3.4.2
gv gv 2.7b1
gv gv 3.4.3
gv gv 2.9.4
gv gv 3.0.4
gv gv 2.7.6
gv gv 3.5.2
gv gv 2.7b4
gv gv 3.5.3
gv gv 2.7b3
gv gv 3.0.0
gv gv 3.1.4
gv gv 2.7b2
gv gv 3.1.6
gv gv 3.2.4
gv gv 3.4.12
gv gv 3.5.8