Red Hat Bugzilla – Bug 215136
CVE-2006-5864: gv <= 3.6.2 stack-based buffer overflow
Last modified: 2007-11-30 17:11:48 EST
"Stack-based buffer overflow in the ps_gettext function in ps.c for GNU gv
3.6.2, and possibly earlier versions, allows user-assisted attackers to execute
arbitrary code via a PostScript (PS) file with certain headers that contain long
comments, as demonstrated using the DocumentMedia header."
Mandriva Linux Security Advisory, MDKSA-2006:214-1, says the following:
"The patch used in the previous update still left the possibility of
causing X to consume unusual amounts of memory if gv is used to view a
carefully crafted image designed to exploit CVE-2006-5864. This update
uses an improved patch to address this issue."
For patches see, for example, gv-3.6.1-4.3.20060mdk.src.rpm
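The bug class above (a fixed-size stack buffer filled from a DSC header comment with no length check) is easy to see in isolation. The following is an added example written for this page; it is not gv's ps.c or its ps_gettext, and the names MEDIA_BUF, parse_media_unsafe, parse_media_safe, media_arg_len and media_arg_len_for are hypothetical. It contrasts the unbounded-copy pattern with a bounded parser for a %%DocumentMedia line (real DSC syntax: tag, width, height, weight, color, type) and uses a constructed header to probe the buffer boundary. The unsafe function is only ever called with a short constructed line.

```c
/* Added example, not gv's code: vulnerable vs. bounded parsing of a
 * %%DocumentMedia DSC header line. All names are hypothetical. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MEDIA_BUF 256   /* hypothetical fixed-size stack buffer */

/* Vulnerable pattern: the header argument is copied into a fixed stack
 * buffer with no length check. An argument of MEDIA_BUF bytes or more
 * runs past 'name' into the saved frame. Never feed it untrusted input. */
static int parse_media_unsafe(const char *line)
{
    char name[MEDIA_BUF];
    const char *p = line + strlen("%%DocumentMedia:");
    while (*p == ' ')
        p++;
    strcpy(name, p);                  /* BUG: unbounded copy */
    return (int)strlen(name);
}

/* Hardened form: check the key, measure the argument up to end-of-line,
 * and refuse anything that would not fit (including the terminator).
 * Returns the argument length, -1 for a non-matching line, -2 if oversized. */
static int parse_media_safe(const char *line, char *out, size_t outlen)
{
    static const char key[] = "%%DocumentMedia:";
    if (strncmp(line, key, sizeof key - 1) != 0)
        return -1;
    const char *p = line + (sizeof key - 1);
    while (*p == ' ')
        p++;
    size_t n = strcspn(p, "\r\n");
    if (n >= outlen)                  /* n == outlen would leave no room for NUL */
        return -2;
    memcpy(out, p, n);
    out[n] = '\0';
    return (int)n;
}

/* Parse into a MEDIA_BUF-sized stack buffer, returning the safe parser's result. */
static int media_arg_len(const char *line)
{
    char name[MEDIA_BUF];
    return parse_media_safe(line, name, sizeof name);
}

/* Build a constructed %%DocumentMedia line whose argument is 'arglen' bytes
 * of 'A', parse it with the bounded parser, and return the result.
 * Used to probe the MEDIA_BUF boundary without ever overflowing anything. */
static int media_arg_len_for(size_t arglen)
{
    static const char prefix[] = "%%DocumentMedia: ";
    size_t plen = sizeof prefix - 1;
    char *line = malloc(plen + arglen + 2);   /* + '\n' + NUL */
    if (line == NULL)
        return -3;
    memcpy(line, prefix, plen);
    memset(line + plen, 'A', arglen);
    line[plen + arglen] = '\n';
    line[plen + arglen + 1] = '\0';
    int r = media_arg_len(line);
    free(line);
    return r;
}

int main(void)
{
    /* Constructed, well-formed header: fits comfortably in both parsers. */
    const char *ok = "%%DocumentMedia: Plain 612 792 0 () ()\n";
    char buf[MEDIA_BUF];
    printf("unsafe parser, short line: %d bytes\n", parse_media_unsafe(ok));
    printf("safe parser,   short line: %d bytes -> \"%s\"\n",
           parse_media_safe(ok, buf, sizeof buf), buf);
    /* Boundary probe: 255 fits, 256 and 4096 are refused by the safe parser;
     * the unsafe parser would have smashed the stack on the same input. */
    printf("safe parser, 255-byte arg: %d\n", media_arg_len_for(255));
    printf("safe parser, 256-byte arg: %d\n", media_arg_len_for(256));
    printf("safe parser, 4096-byte arg: %d\n", media_arg_len_for(4096));
    return 0;
}
```

Refusing an oversized comment (rather than silently truncating it) is the safer default for a viewer: a truncated media tag can still be fed on to later code that assumes the original length, whereas a rejected line is simply ignored.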
Thanks for the references. Fixed in 3.6.2-2.
For info for people interested in older distros: the patch has been applied in
Extras for FC5+ only, not FC4 at the moment.