Package: evince Version: 0.4.0-2+b2 Severity: important Tags: Security A vulnerability has been identified in GNOME Evince, which could be exploited by attackers to execute arbitrary commands. This flaw is due to a buffer overflow error when handling a PostScript file containing an overly long "DocumentMedia" field, which could be exploited by attackers to crash a vulnerable application or compromise a vulnerable system by convincing a user to open a specially crafted file.
Maybe the version evince 0.4.0-2+b3 and 0.4.0-2+b2 is vulnerable. If not I will close this bug. http://www.frsirt.com/english/advisories/2006/4747 -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-2-486 Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
