Multiple buffer overflows in the psscan function in ps.c for gv (ghostview) allow remote attackers to execute arbitrary code via a Postscript file with a long (1) BoundingBox, (2) comment, (3) Orientation, (4) PageOrder, or (5) Pages value.
Max CVSS
7.5
EPSS Score
4.15%
Published
2004-08-16
Updated
2017-07-11
gv 3.5.8, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the filename for (1) a PDF file or (2) a gzip file.
Max CVSS
7.5
EPSS Score
9.60%
Published
2003-11-17
Updated
2017-07-11
2 vulnerabilities found