VDB
CVE-2002-0838
CVE-2002-0838
PUBLISHED
CVSS 4.599999904632568 MEDIUM
Buffer overflow in (1) gv 3.5.8 and earlier, (2) gvv 1.0.2 and earlier, (3) ggv 1.99.90 and earlier, (4) gnome-gv, and (5) kghostview in kdegraphics 2.2.2 and earlier, allows attackers to execute arbitrary code via a malformed (a) PDF or (b) PostScript file, which is processed by an unsafe call to sscanf.
EPSS 4.43% · 89.2th percentile
Risk Scores
CVSS 2.0
4.599999904632568
EPSS Score
4.43%
89.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ggv | ggv | 1.0.2 |
| n/a | n/a | n/a |
| gv | gv | 3.5.8, 3.5.2, 3.2.4 |
| ghostview | ghostview | 1.3, 1.4.1, 1.5 |
Exploit Intelligence
- CLA-2002:542 (circl)
- DSA-176 (circl)
- 20021017 GLSA: ggv (circl)
- DSA-179 (circl)
- MDKSA-2002:069 (circl)
- http://www.kde.org/info/security/advisory-20021008-1.txt (circl)
- CSSA-2002-053.0 (circl)
- DSA-182 (circl)
- http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/47780&zone_32=category:security (circl)
- VU#600777 (circl)
…and 8 more exploits
Timeline
- Oct 1, 2002 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 3, 2022 CVE Updated
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- DSA-179 vendor-advisory
- MDKSA-2002:069 vendor-advisory
- http://www.kde.org/info/security/advisory-20021008-1.txt url
- CSSA-2002-053.0 vendor-advisory
- DSA-182 vendor-advisory
- CLA-2002:542 vendor-advisory
- 20020926 iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv mailing-list
- MDKSA-2002:071 vendor-advisory
- 5808 vdb
- DSA-176 vendor-advisory
- gv-sscanf-function-bo(10201) vdb
- RHSA-2002:212 vendor-advisory
- RHSA-2002:220 vendor-advisory
- RHSA-2002:207 vendor-advisory
- VU#600777 third-party-advisory
- http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/47780&zone_32=category:security url
- 20021017 GLSA: ggv mailing-list
- 20020926 Errata: iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv mailing-list
- https://nvd.nist.gov/vuln/detail/CVE-2002-0838 advisory