Zen-parse discovered a buffer overflow in gv, a PostScript and PDF
viewer for X11. The same code is present in gnome-gv. This problem
is triggered by scanning the PostScript file and can be exploited by
an attacker sending a malformed PostScript or PDF file. The attacker
is able to cause arbitrary code to be run with the privileges of the
victim.
This problem has been fixed in version 1.1.96-3.1 for the current
stable distribution (woody), in version 0.82-2.1 for the old stable
distribution (potato) and version 1.99.7-9 for the unstable
distribution (sid).
We recommend that you upgrade your gnome-gv package.