MDKSA-2006:229
- Package name
- evince
- Date
- 2006-12-13
- Advisory ID
- MDKSA-2006:229
- Affected versions
- 2007.0 x86_64 , 2007.0 i586
Problem description
Stack-based buffer overflow in ps.c for evince allows user-assisted
attackers to execute arbitrary code via a PostScript (PS) file with
certain headers that contain long comments, as demonstrated using the
DocumentMedia header.
Packages have been patched to correct this issue.
Updated packages
2007.0 x86_64
5d231a5f65991fe2383cdfc907425b77 2007.0/x86_64/evince-0.6.0-1.2mdv2007.0.x86_64.rpm d8a6e0604fe5fff79909659bd2fa0136 2007.0/SRPMS/evince-0.6.0-1.2mdv2007.0.src.rpm
2007.0 i586
9cac7456ee1b25c93bd73c430475baaf 2007.0/i586/evince-0.6.0-1.2mdv2007.0.i586.rpm d8a6e0604fe5fff79909659bd2fa0136 2007.0/SRPMS/evince-0.6.0-1.2mdv2007.0.src.rpm