CVE-2004-1717

gv - Buffer Overflow via Long Postscript File Values

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2004-1717. PoCs published by infamous41md.

AI-analyzed exploit summary This exploit targets a stack buffer overflow in the psscan() function of gv postscript viewer (CVE-2004-1717). It crafts a malicious PostScript file with multiple overflow methods and includes shellcode for remote command execution.

Description

Multiple buffer overflows in the psscan function in ps.c for gv (ghostview) allow remote attackers to execute arbitrary code via a Postscript file with a long (1) BoundingBox, (2) comment, (3) Orientation, (4) PageOrder, or (5) Pages value.

Exploits (2)

exploitdb WORKING POC VERIFIED

by infamous41md · cremotelinux

https://www.exploit-db.com/exploits/400

View Code ZIP pw:eip

This exploit targets a stack buffer overflow in the psscan() function of gv postscript viewer (CVE-2004-1717). It crafts a malicious PostScript file with multiple overflow methods and includes shellcode for remote command execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: gv postscript viewer (versions prior to the fix for CVE-2004-1717)

No auth needed

Prerequisites: vulnerable version of gv postscript viewer · ability to deliver malicious PostScript file to target

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by infamous41md · cremotelinux

https://www.exploit-db.com/exploits/390

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in the gv PostScript viewer. It generates a malicious PostScript file that, when opened, executes shellcode to spawn a remote shell on port 7000.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: gv PostScript viewer (version not specified)

No auth needed

Prerequisites: Ability to deliver the malicious PostScript file to the target · Target must open the file with the vulnerable gv viewer

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/17019

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=109267677114331&w=2

Exploit, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/10944

Scores

EPSS 0.0538

EPSS Percentile 91.6%

Details

Status published

Products (18)

gv/gv 2.7.6

gv/gv 2.7b1

gv/gv 2.7b2

gv/gv 2.7b3

gv/gv 2.7b4

gv/gv 2.7b5

gv/gv 2.9.4

gv/gv 3.0.0

gv/gv 3.0.4

gv/gv 3.1.4

... and 8 more

Published Aug 16, 2004

Tracked Since Feb 18, 2026