FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

evince -- Buffer Overflow Vulnerability

Affected packages
evince < 0.6.1_1

Details

VuXML ID 779a2d55-8ba8-11db-81d5-00123ffe8333
Discovery 2006-11-27
Entry 2006-12-14

Secunia reports:

A vulnerability has been discovered in Evince, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error within the "get_next_text()" function in ps/ps.c. This can be exploited to cause a buffer overflow by e.g. tricking a user into opening a specially crafted PostScript file.

[source]

References

CVE Name CVE-2006-5864
URL http://secunia.com/advisories/23111/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.