Gentoo Security Advisory GLSA 200703-24 (mgv) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 200703-24.

Solution

mgv is currently unmaintained, and the mgv website no longer exists. As such, the mgv package has been masked in Portage. We recommend that users select an alternate Postscript viewer such as ghostview or GSview, and unmerge mgv: # emerge --unmerge 'app-text/mgv' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200703-24 http://bugs.gentoo.org/show_bug.cgi?id=154645 http://www.gentoo.org/security/en/glsa/glsa-200611-20.xml

Insight

mgv improperly handles user-supplied data possibly allowing for the execution of arbitrary code.

Severity

Classification

CVE CVE-2006-5864

CVSS	Base Score: 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Gentoo Security Advisory GLSA 200502-11 (mailman)
Gentoo Security Advisory GLSA 200405-18 (firebird)
Gentoo Security Advisory GLSA 200412-05 (mirrorselect)
Gentoo Security Advisory GLSA 200412-23 (zwiki)
Gentoo Security Advisory GLSA 200410-12 (wordpress)

Take action and discover your vulnerabilities