CVE-2002-0838
kdegraphics - buffer overflow
EPSS 4.4%
Description
Buffer overflow in (1) gv 3.5.8 and earlier, (2) gvv 1.0.2 and earlier, (3) ggv 1.99.90 and earlier, (4) gnome-gv, and (5) kghostview in kdegraphics 2.2.2 and earlier, allows attackers to execute arbitrary code via a malformed (a) PDF or (b) PostScript file, which is processed by an unsafe call to sscanf.
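The unsafe sscanf pattern named in the description, next to a bounded form, as an added example that is not code from gv, kghostview or any of the affected projects. The helper name parse_header_token, the TOKEN_WIDTH limit and the sample header line are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define TOKEN_WIDTH 31                 /* max token characters accepted */
#define TOKEN_MAX (TOKEN_WIDTH + 1)    /* buffer size including the NUL */
#define STR2(x) #x
#define STR(x) STR2(x)

/*
 * Hypothetical helper, not taken from gv or kghostview: copy the first
 * whitespace-delimited token after a header key such as "%%Title:".
 *
 * Unsafe pattern (unbounded %s into a fixed buffer):
 *     char text[TOKEN_MAX];
 *     sscanf(line, "%s", text);
 *
 * Returns 0 on success, -1 if the key or token is missing,
 * -2 if the token is longer than TOKEN_WIDTH (rejected, not truncated).
 */
int parse_header_token(const char *line, const char *key, char out[TOKEN_MAX])
{
    size_t klen = strlen(key);
    int consumed = 0;

    out[0] = '\0';
    if (strncmp(line, key, klen) != 0)
        return -1;
    line += klen;

    /* "%31s" writes at most 31 chars plus NUL; %n records bytes consumed. */
    if (sscanf(line, " %" STR(TOKEN_WIDTH) "s%n", out, &consumed) != 1)
        return -1;

    /* A non-whitespace byte right after the token means it hit the width. */
    if (line[consumed] != '\0' && strchr(" \t\r\n", line[consumed]) == NULL) {
        out[0] = '\0';
        return -2;
    }
    return 0;
}

int main(void)
{
    /* Constructed sample input, not from a real document. */
    char tok[TOKEN_MAX];
    int rc = parse_header_token("%%Title: report.ps\n", "%%Title:", tok);
    printf("rc=%d token=%s\n", rc, tok);
    return 0;
}
```

Rejecting an over-long token rather than truncating it keeps a malformed file from being parsed as if it were valid.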
How to fix CVE-2002-0838
To remediate CVE-2002-0838, upgrade the affected package to a fixed version below.
- Debian/gnome-gv—upgrade to 1.1.96-3.1 or later
- Debian/gv—upgrade to 1:3.5.8-27 or later
- —upgrade to 3.5.8-26.1 or later
- —upgrade to 2.2.2-6.8 or later
Is CVE-2002-0838 being exploited?
Low — EPSS is 4.4%, meaning exploitation activity has not been observed at scale.
Affected packages (4)
- from 0, < 1.1.96-3.1
- from 0, < 1:3.5.8-27
- from 0, < 3.5.8-26.1
- from 0, < 2.2.2-6.8