{"vuid":"VU#600777","idnumber":"600777","name":"gv contains buffer overflow in sscanf() function","keywords":["gv","buffer overflow","scanf() function","adobe pdf","postscript"],"overview":"A remotely exploitable buffer overflow vulnerability exists in gv.","clean_desc":"A remotely exploitable buffer overflow vulnerability exists in gv. gv allows a user to view and navigate PostScript and PDF documents by providing an interface to the ghostscript interpreter. This vulnerability can allow a remote attacker to execute arbitrary code on a vulnerable host.","impact":"A remote attacker can execute arbitrary code on a vulnerable host with the privileges of the victim.","resolution":"Apply a patch.","workarounds":"","sysaffected":"","thanks":"Thanks to David Endler for reporting this vulnerability.","author":"This document was written by Ian A Finlay.","public":["http://www.idefense.com/advisory/09.26.02.txt","http://wwwthep.physik.uni-mainz.de/~plass/gv/","http://rhn.redhat.com/errata/RHSA-2002-207.html","http://marc.theaimsgroup.com/?l=bugtraq&m=103305615613319&w=2"],"cveids":["CVE-2002-0838"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2002-09-27T14:45:50Z","publicdate":"2002-09-26T00:00:00Z","datefirstpublished":"2002-10-17T14:17:58Z","dateupdated":"2002-10-17T20:02:57Z","revision":14,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"20","cam_exploitation":"0","cam_internetinfrastructure":"3","cam_population":"10","cam_impact":"17","cam_easeofexploitation":"15","cam_attackeraccessrequired":"15","cam_scorecurrent":"16.4953125","cam_scorecurrentwidelyknown":"16.4953125","cam_scorecurrentwidelyknownexploited":"30.8390625","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":16.4953125,"vulnote":null}