CVE-2006-5864

EPSS 14.8%

Stack-based buffer overflow in the ps_gettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript (PS) file with certain headers that contain long comments, as demonstrated using the (1) DocumentMedia, (2) DocumentPaperSizes, and possibly (3) PageMedia and (4) PaperSize headers. NOTE: this issue can be exploited through other products that use gv such as evince.

Affected products

n/a · n/a

public PoCs found — 1

cve_referencewww.exploit-db.com/exploits/2858unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://secunia.com/advisories/22787 http://secunia.com/advisories/22932 http://secunia.com/advisories/23006 http://secunia.com/advisories/23018 http://secunia.com/advisories/23111 http://secunia.com/advisories/23118 http://secunia.com/advisories/23183 http://secunia.com/advisories/23266 http://secunia.com/advisories/23306 http://secunia.com/advisories/23335 http://secunia.com/advisories/23353 http://secunia.com/advisories/23409