CVE-2002-0838

Name	CVE-2002-0838
Description	Buffer overflow in (1) gv 3.5.8 and earlier, (2) gvv 1.0.2 and earlier, (3) ggv 1.99.90 and earlier, (4) gnome-gv, and (5) kghostview in kdegraphics 2.2.2 and earlier, allows attackers to execute arbitrary code via a malformed (a) PDF or (b) PostScript file, which is processed by an unsafe call to sscanf.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DSA-176, DSA-179, DSA-182

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
gv (PTS)	jessie, stretch	1:3.7.4-1	fixed
	sid, trixie, buster, bullseye, bookworm	1:3.7.4-2	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
gnome-gv	source	woody	1.1.96-3.1		DSA-179
gnome-gv	source	(unstable)	1.99.7-9
gv	source	woody	3.5.8-26.1		DSA-176
gv	source	(unstable)	1:3.5.8-27
kdegraphics	source	woody	2.2.2-6.8		DSA-182
kdegraphics	source	(unstable)	4:2.2.2-6.9