{"id":"CVE-2006-5864","details":"Stack-based buffer overflow in the ps_gettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript (PS) file with certain headers that contain long comments, as demonstrated using the (1) DocumentMedia, (2) DocumentPaperSizes, and possibly (3) PageMedia and (4) PaperSize headers.  NOTE: this issue can be exploited through other products that use gv such as evince.","modified":"2026-04-10T03:38:35.492494Z","published":"2006-11-11T01:07:00Z","related":["openSUSE-SU-2024:10742-1"],"references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/22787"},{"type":"ADVISORY","url":"http://secunia.com/advisories/22932"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23006"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23018"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23111"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23118"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23183"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23266"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23306"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23335"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23353"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23409"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23579"},{"type":"ADVISORY","url":"http://secunia.com/advisories/24649"},{"type":"ADVISORY","url":"http://secunia.com/advisories/24787"},{"type":"ADVISORY","url":"http://security.gentoo.org/glsa/glsa-200611-20.xml"},{"type":"ADVISORY","url":"http://security.gentoo.org/glsa/glsa-200703-24.xml"},{"type":"ADVISORY","url":"http://security.gentoo.org/glsa/glsa-200704-06.xml"},{"type":"ADVISORY","url":"http://www.debian.org/security/2006/dsa-1214"},{"type":"ADVISORY","url":"http://www.debian.org/security/2006/dsa-1243"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:214"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:229"},{"type":"ADVISORY","url":"http://www.novell.com/linux/security/advisories/2006_26_sr.html"},{"type":"ADVISORY","url":"http://www.novell.com/linux/security/advisories/2006_28_sr.html"},{"type":"ADVISORY","url":"http://www.novell.com/linux/security/advisories/2006_29_sr.html"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/usn-390-1"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/usn-390-2"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/usn-390-3"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2006/4424"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2006/4747"},{"type":"EVIDENCE","url":"http://www.securityfocus.com/bid/20978"},{"type":"WEB","url":"http://www.kb.cert.org/vuls/id/352825"},{"type":"WEB","url":"http://www.securityfocus.com/archive/1/451057/100/0/threaded"},{"type":"WEB","url":"http://www.securityfocus.com/archive/1/451422/100/200/threaded"},{"type":"WEB","url":"http://www.securityfocus.com/archive/1/452868/100/0/threaded"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30153"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30555"},{"type":"WEB","url":"https://issues.rpath.com/browse/RPL-850"},{"type":"WEB","url":"https://www.exploit-db.com/exploits/2858"}],"schema_version":"1.7.5"}