CVE-2006-5864

N/A Unknown

Published: November 11, 2006 Modified: April 23, 2026

Description

Stack-based buffer overflow in the ps_gettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript (PS) file with certain headers that contain long comments, as demonstrated using the (1) DocumentMedia, (2) DocumentPaperSizes, and possibly (3) PageMedia and (4) PaperSize headers. NOTE: this issue can be exploited through other products that use gv such as evince.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://secunia.com/advisories/22787

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/22932

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/23006

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/23018

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/23111

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/23118

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/23183

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/23266

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/23306

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/23335

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/23353

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/23409

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/23579

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/24649

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/24787

Source: cve@mitre.org

Vendor Advisory

http://security.gentoo.org/glsa/glsa-200611-20.xml

Source: cve@mitre.org

http://security.gentoo.org/glsa/glsa-200703-24.xml

Source: cve@mitre.org

http://security.gentoo.org/glsa/glsa-200704-06.xml

Source: cve@mitre.org

http://www.debian.org/security/2006/dsa-1214

Source: cve@mitre.org

http://www.debian.org/security/2006/dsa-1243

Source: cve@mitre.org

http://www.kb.cert.org/vuls/id/352825

Source: cve@mitre.org

US Government Resource

http://www.mandriva.com/security/advisories?name=MDKSA-2006:214

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDKSA-2006:229

Source: cve@mitre.org

http://www.novell.com/linux/security/advisories/2006_26_sr.html

Source: cve@mitre.org

http://www.novell.com/linux/security/advisories/2006_28_sr.html

Source: cve@mitre.org

http://www.novell.com/linux/security/advisories/2006_29_sr.html

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/451057/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/451422/100/200/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/452868/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/20978

Source: cve@mitre.org

Exploit

http://www.ubuntu.com/usn/usn-390-1

Source: cve@mitre.org

http://www.ubuntu.com/usn/usn-390-2

Source: cve@mitre.org

http://www.ubuntu.com/usn/usn-390-3

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/4424

Source: cve@mitre.org

Vendor Advisory

http://www.vupen.com/english/advisories/2006/4747

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/30153

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/30555

Source: cve@mitre.org

https://issues.rpath.com/browse/RPL-850

Source: cve@mitre.org

https://www.exploit-db.com/exploits/2858

Source: cve@mitre.org

http://secunia.com/advisories/22787