[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug-gv] [bug #18336] GNU GV Stack Buffer Overflow Vulnerability
From: |
anonymous |
Subject: |
[bug-gv] [bug #18336] GNU GV Stack Buffer Overflow Vulnerability |
Date: |
Tue, 21 Nov 2006 14:26:40 +0000 |
User-agent: |
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.8) Gecko/20061029 SeaMonkey/1.0.6 |
URL:
<http://savannah.gnu.org/bugs/?18336>
Summary: GNU GV Stack Buffer Overflow Vulnerability
Project: GNU gv
Submitted by: None
Submitted on: Dienstag 21.11.2006 um 14:26 UTC
Category: None
Severity: 3 - Normal
Item Group: None
Status: None
Privacy: Public
Assigned to: None
Open/Closed: Open
Release: None
_______________________________________________________
Details:
For a full description of the bug, see
http://www.securityfocus.com/bid/20978
Here is a short extract from that page:
"GNU gv is prone to a stack-based buffer-overflow vulnerability because the
application fails to properly bounds-check user-supplied data before copying
it into an insufficiently sized memory buffer.
Exploiting this issue allows attackers to execute arbitrary machine code in
the context of users running the affected application. Failed attempts will
likely crash the application, resulting in denial-of-service conditions.
Version 3.6.2 is reported vulnerable; other versions may also be affected.
NOTE: Various other applications may employ embedded GNU gv code and could
also be vulnerable as a result."
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/bugs/?18336>
_______________________________________________
Nachricht geschickt von/durch Savannah
http://savannah.gnu.org/
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [bug-gv] [bug #18336] GNU GV Stack Buffer Overflow Vulnerability,
anonymous <=