
CVE-2004-1717

Published: 16/08/2004 Updated: 11/07/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 760
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Multiple buffer overflows in the psscan function in ps.c for gv (ghostview) allow remote malicious users to execute arbitrary code via a Postscript file with a long (1) BoundingBox, (2) comment, (3) Orientation, (4) PageOrder, or (5) Pages value.

Vulnerable Product

gv gv 2.7b1

gv gv 2.7b2

gv gv 3.1.4

gv gv 3.1.6

gv gv 3.5.8

gv gv 2.7.6

gv gv 3.0.0

gv gv 3.0.4

gv gv 3.5.2

gv gv 3.5.3

gv gv 2.7b5

gv gv 2.9.4

gv gv 3.4.2

gv gv 3.4.3

gv gv 2.7b3

gv gv 2.7b4

gv gv 3.2.4

gv gv 3.4.12

Exploits

/*
 * gv postscript viewer exploit , infamous42md AT hotpop DOT com
 *
 * run of the mill bof. spawns a remote shell on port 7000. woopty doo. if
 * someone has been able to exploit the heap overflow in cfengine, please email
 * me and teach me something. after days of pain i've concluded it's not
 * possible b/c you can't manipulate the heap en ...

/* there are at least 4 other stack buffer overflows, and 2 heap overflows.
 * the first exploit i wrote exploited the one in the GLSA, and this one exploits
 * that hole and four other ones as well. all of these are in the psscan() function
 * located in the ps.c file: 'grep -nP 'sscanf\(.*?%%.*?%s' ps.c'
 *
 * gv postscript viewer exploit part ...