CVE: CVE-2002-0838 - CVE-Search

CVE Details for CVE: CVE-2002-0838

Summary

Buffer overflow in (1) gv 3.5.8 and earlier, (2) gvv 1.0.2 and earlier, (3) ggv 1.99.90 and earlier, (4) gnome-gv, and (5) kghostview in kdegraphics 2.2.2 and earlier, allows attackers to execute arbitrary code via a malformed (a) PDF or (b) PostScript file, which is processed by an unsafe call to sscanf.

Timestamps
Last major update	18-10-2016 - 02:22
Published	10-10-2002 - 04:00
Last modified	18-10-2016 - 02:22

References

Vulnerable Configurations

cpe:2.3:a:gv:gv:2.7.6:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:2.7.6:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:2.7b1:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:2.7b1:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.5.8:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.5.8:*:*:*:*:*:*:*
cpe:2.3:a:ggv:ggv:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ggv:ggv:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:2.7b2:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:2.7b2:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:2.7b3:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:2.7b3:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.1.6:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.1.6:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.2.4:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.2.4:*:*:*:*:*:*:*
cpe:2.3:a:ghostview:ghostview:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:ghostview:ghostview:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:ghostview:ghostview:1.5:*:*:*:*:*:*:*
cpe:2.3:a:ghostview:ghostview:1.5:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:2.9.4:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:2.9.4:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.4.3:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.4.3:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.5.2:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.5.2:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.5.3:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.5.3:*:*:*:*:*:*:*
cpe:2.3:a:ghostview:ghostview:1.3:*:*:*:*:*:*:*
cpe:2.3:a:ghostview:ghostview:1.3:*:*:*:*:*:*:*
cpe:2.3:a:ghostview:ghostview:1.4:*:*:*:*:*:*:*
cpe:2.3:a:ghostview:ghostview:1.4:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:2.7b4:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:2.7b4:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:2.7b5:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:2.7b5:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.4.12:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.4.12:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.4.2:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.4.2:*:*:*:*:*:*:*

CAPEC

Click the CAPEC title to display a description

CWE

NVD-CWE-Other

CVSS

Base

4.6

Impact

6.4

Exploitability

3.9

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

CVSS3

None

VIA4 references

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:P/A:P

redhat via4

advisories

rhsa
id RHSA-2002:207
rhsa
id RHSA-2002:212
rhsa
id RHSA-2002:220

refmap via4

bid	5808
bugtraq	20020926 Errata: iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv 20020926 iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv 20021017 GLSA: ggv
caldera	CSSA-2002-053.0
cert-vn	VU#600777
conectiva	CLA-2002:542
confirm	http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/47780&zone_32=category:security http://www.kde.org/info/security/advisory-20021008-1.txt
debian	DSA-176 DSA-179 DSA-182
mandrake	MDKSA-2002:069 MDKSA-2002:071
xf	gv-sscanf-function-bo(10201)