Vulnerability CVE-2006-5864

Vulnerability Name:

CVE-2006-5864 (CCN-30153)

Assigned:

2006-11-09

Published:

2006-11-09

Updated:

2018-10-17

Summary:

Stack-based buffer overflow in the ps_gettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript (PS) file with certain headers that contain long comments, as demonstrated using the (1) DocumentMedia, (2) DocumentPaperSizes, and possibly (3) PageMedia and (4) PaperSize headers.
Note: this issue can be exploited through other products that use gv such as evince.

CVSS v3 Severity:

5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

5.1 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
4.2 Medium (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

5.1 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
4.2 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-119

Vulnerability Consequences:

Gain Access

References:

Source: CCN
Type: Full-Disclosure Mailing List, Thu Nov 09 2006 - 09:55:31 CST
GNU gv Stack Overflow Vulnerability

Source: MITRE
Type: CNA
CVE-2006-5864

Source: CCN
Type: SA22787
GNU gv "ps_gettext()" Buffer Overflow Vulnerability

Source: SECUNIA
Type: Vendor Advisory
22787

Source: SECUNIA
Type: Vendor Advisory
22932

Source: SECUNIA
Type: Vendor Advisory
23006

Source: SECUNIA
Type: Vendor Advisory
23018

Source: CCN
Type: SA23111
Evince "get_next_text()" Buffer Overflow Vulnerability

Source: SECUNIA
Type: Vendor Advisory
23111

Source: SECUNIA
Type: Vendor Advisory
23118

Source: SECUNIA
Type: Vendor Advisory
23183

Source: SECUNIA
Type: Vendor Advisory
23266

Source: SECUNIA
Type: Vendor Advisory
23306

Source: SECUNIA
Type: Vendor Advisory
23335

Source: SECUNIA
Type: Vendor Advisory
23353

Source: CCN
Type: SA23409
SUSE Update for Multiple Packages

Source: SECUNIA
Type: Vendor Advisory
23409

Source: SECUNIA
Type: Vendor Advisory
23579

Source: CCN
Type: SA24649
Gentoo mgv Buffer Overflow Vulnerability

Source: SECUNIA
Type: Vendor Advisory
24649

Source: SECUNIA
Type: Vendor Advisory
24787

Source: GENTOO
Type: UNKNOWN
GLSA-200611-20

Source: GENTOO
Type: UNKNOWN
GLSA-200703-24

Source: GENTOO
Type: UNKNOWN
GLSA-200704-06

Source: DEBIAN
Type: UNKNOWN
DSA-1214

Source: DEBIAN
Type: UNKNOWN
DSA-1243

Source: DEBIAN
Type: DSA-1214
gv -- buffer overflow

Source: DEBIAN
Type: DSA-1243
evince -- buffer overflow

Source: CCN
Type: GLSA-200611-20
GNU gv: Stack overflow

Source: CCN
Type: GLSA-200703-24
mgv: Stack overflow in included gv code

Source: CCN
Type: GLSA-200704-06
Evince: Stack overflow in included gv code

Source: CCN
Type: GNU gv Web site
GNU gv

Source: CCN
Type: US-CERT VU#352825
GNU gv buffer overflow vulnerability

Source: CERT-VN
Type: US Government Resource
VU#352825

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2006:214

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2006:229

Source: SUSE
Type: UNKNOWN
SUSE-SR:2006:026

Source: SUSE
Type: UNKNOWN
SUSE-SR:2006:028

Source: SUSE
Type: UNKNOWN
SUSE-SR:2006:029

Source: CCN
Type: OSVDB ID: 30274
GNU gv ps.c ps_gettext() Function Overflow

Source: BUGTRAQ
Type: UNKNOWN
20061109 GNU gv Stack Overflow Vulnerability

Source: BUGTRAQ
Type: UNKNOWN
20061112 Re: GNU gv Stack Overflow Vulnerability

Source: BUGTRAQ
Type: UNKNOWN
20061128 evince buffer overflow exploit (gv)

Source: BID
Type: Exploit
20978

Source: CCN
Type: BID-20978
GNU GV Stack Buffer Overflow Vulnerability

Source: CCN
Type: USN-390-1
evince vulnerability

Source: UBUNTU
Type: UNKNOWN
USN-390-1

Source: CCN
Type: USN-390-2
evince vulnerability

Source: UBUNTU
Type: UNKNOWN
USN-390-2

Source: CCN
Type: USN-390-3
evince-gtk vulnerability

Source: UBUNTU
Type: UNKNOWN
USN-390-3

Source: VUPEN
Type: Vendor Advisory
ADV-2006-4424

Source: VUPEN
Type: Vendor Advisory
ADV-2006-4747

Source: XF
Type: UNKNOWN
gnu-gv-buffer-overflow(30153)

Source: XF
Type: UNKNOWN
gnu-gv-buffer-overflow(30153)

Source: XF
Type: UNKNOWN
evince-postscript-bo(30555)

Source: CONFIRM
Type: UNKNOWN
https://issues.rpath.com/browse/RPL-850

Source: EXPLOIT-DB
Type: UNKNOWN
2858

Source: SUSE
Type: SUSE-SR:2006:026
SUSE Security Summary Report

Source: SUSE
Type: SUSE-SR:2006:028
SUSE Security Summary Report

Source: SUSE
Type: SUSE-SR:2006:029
SUSE Security Summary Report

Vulnerable Configuration:

Configuration 1:

cpe:/a:gnu:gv:3.5.8:*:*:*:*:*:*:*

OR cpe:/a:gnu:gv:3.6.0:*:*:*:*:*:*:*

OR cpe:/a:gnu:gv:3.6.1:*:*:*:*:*:*:*

OR cpe:/a:gnu:gv:3.6.2:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:gnu:gv:-:*:*:*:*:*:*:*

OR cpe:/a:gnu:gv:3.6.0:*:*:*:*:*:*:*

OR cpe:/a:gnu:gv:3.6.1:*:*:*:*:*:*:*

OR cpe:/a:gnu:gv:3.6.2:*:*:*:*:*:*:*

AND

cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2006::x86-64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007::x86_64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20065864	V	CVE-2006-5864	2022-06-30
oval:org.opensuse.security:def:42298	P	Security update for xen (Important)	2022-06-13
oval:org.opensuse.security:def:112201	P	evince-40.4-1.3 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:31376	P	Security update for apache2 (Important)	2022-01-12
oval:org.opensuse.security:def:26217	P	Security update for java-1_7_1-ibm (Moderate) (in QA)	2022-01-04
oval:org.opensuse.security:def:31370	P	Security update for java-1_7_1-ibm (Moderate) (in QA)	2022-01-04
oval:org.opensuse.security:def:32252	P	Security update for chrony (Moderate)	2021-12-22
oval:org.opensuse.security:def:31319	P	Security update for openssh (Important)	2021-12-06
oval:org.opensuse.security:def:26173	P	Security update for ruby2.1 (Important)	2021-12-01
oval:org.opensuse.security:def:33044	P	Security update for postgresql, postgresql13, postgresql14 (Important)	2021-11-20
oval:org.opensuse.security:def:26159	P	Security update for systemd (Moderate)	2021-11-04
oval:org.opensuse.security:def:26149	P	Security update for iproute2 (Moderate)	2021-10-18
oval:org.opensuse.security:def:105732	P	evince-40.4-1.3 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:32196	P	Security update for python-urllib3 (Moderate)	2021-09-29
oval:org.opensuse.security:def:26120	P	Security update for xerces-c (Important)	2021-09-03
oval:org.opensuse.security:def:32178	P	Security update for openexr (Important)	2021-09-02
oval:org.opensuse.security:def:31675	P	Security update for bind (Moderate)	2021-08-30
oval:org.opensuse.security:def:31672	P	Security update for unrar (Moderate)	2021-08-25
oval:org.opensuse.security:def:31668	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:31246	P	Security update for fetchmail (Moderate)	2021-08-18
oval:org.opensuse.security:def:26095	P	Security update for glibc (Moderate)	2021-07-27
oval:org.opensuse.security:def:31227	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:42099	P	Security update for dbus-1 (Important)	2021-07-12
oval:org.opensuse.security:def:32134	P	Security update for openexr (Important)	2021-06-24
oval:org.opensuse.security:def:26071	P	Security update for the Linux Kernel (Important)	2021-06-09
oval:org.opensuse.security:def:36120	P	evince-2.28.2-0.7.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36396	P	evince-devel-2.28.2-0.7.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42527	P	evince-2.28.2-0.7.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:32112	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:31619	P	Security update for python3 (Important)	2021-05-17
oval:org.opensuse.security:def:31172	P	Security update for python3 (Important)	2021-05-17
oval:org.opensuse.security:def:31614	P	Security update for java-1_7_0-openjdk (Moderate)	2021-04-29
oval:org.opensuse.security:def:31161	P	Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)	2021-04-28
oval:org.opensuse.security:def:31160	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-04-28
oval:org.opensuse.security:def:32073	P	Security update for sudo (Important)	2021-04-20
oval:org.opensuse.security:def:31359	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-03-17
oval:org.opensuse.security:def:31358	P	Security update for glib2 (Important)	2021-03-16
oval:org.opensuse.security:def:33083	P	Security update for avahi (Moderate)	2021-02-23
oval:org.opensuse.security:def:31725	P	Security update for openvswitch (Important)	2021-02-12
oval:org.opensuse.security:def:31724	P	Security update for python (Important)	2021-02-11
oval:org.opensuse.security:def:31095	P	Security update for openssl (Important)	2020-12-11
oval:org.opensuse.security:def:25975	P	Security update for openssl-1_0_0 (Important)	2020-12-09
oval:org.opensuse.security:def:35541	P	evince-2.28.2-0.2.68 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35692	P	evince-2.28.2-0.7.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:41948	P	evince-2.28.2-0.2.68 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35891	P	evince-2.28.2-0.7.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:25104	P	Security update for apache2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26575	P	krb5-doc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25868	P	Security update for pcre (Moderate)	2020-12-01
oval:org.opensuse.security:def:25442	P	Security update for libcaca (Moderate)	2020-12-01
oval:org.opensuse.security:def:31576	P	Security update for sudo (Moderate)	2020-12-01
oval:org.opensuse.security:def:32855	P	evince on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25945	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:25296	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:26663	P	PolicyKit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26541	P	evince on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25517	P	Security update for qemu (Moderate)	2020-12-01
oval:org.opensuse.security:def:31875	P	Security update for dbus-1 (Important)	2020-12-01
oval:org.opensuse.security:def:26855	P	OpenEXR on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25957	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:25434	P	Security update for dovecot22 (Important)	2020-12-01
oval:org.opensuse.security:def:26721	P	java-1_6_0-ibm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25726	P	Security update for python36 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25722	P	Security update for ovmf (Low)	2020-12-01
oval:org.opensuse.security:def:31936	P	Security update for glibc (Important)	2020-12-01
oval:org.opensuse.security:def:31586	P	Security update for tcpdump (Moderate)	2020-12-01
oval:org.opensuse.security:def:26018	P	Security update for freerdp (Important)	2020-12-01
oval:org.opensuse.security:def:32340	P	Security update for socat (Moderate)	2020-12-01
oval:org.opensuse.security:def:27394	P	evince-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25243	P	Security update for java-1_8_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:25961	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32618	P	xorg-x11-Xvnc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31598	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:26287	P	Security update for zeromq (Moderate)	2020-12-01
oval:org.opensuse.security:def:26348	P	Security update for SDL2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32406	P	Security update for wavpack (Moderate)	2020-12-01
oval:org.opensuse.security:def:25255	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31470	P	Security update for ppp	2020-12-01
oval:org.opensuse.security:def:26019	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25670	P	Security update for ucode-intel (Moderate)	2020-12-01
oval:org.opensuse.security:def:31804	P	Security update for ant (Moderate)	2020-12-01
oval:org.opensuse.security:def:31770	P	Security update for MozillaFirefox, mozilla-nss, mozilla-nspr (Important)	2020-12-01
oval:org.opensuse.security:def:26401	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:31009	P	Security update for java-1_6_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:25447	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:31812	P	Security update for apache2 (Important)	2020-12-01
oval:org.opensuse.security:def:31763	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26692	P	evince on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25745	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31953	P	Security update for gstreamer-0_10-plugins-base (Moderate)	2020-12-01
oval:org.opensuse.security:def:27083	P	apache2-mod_perl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31021	P	Security update for java-1_7_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:25585	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:25771	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31829	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:25954	P	Security update for libvirt (Moderate)	2020-12-01
oval:org.opensuse.security:def:25093	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26246	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:25824	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:32506	P	evince on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25441	P	Security update for dhcp (Moderate)	2020-12-01
oval:org.opensuse.security:def:31444	P	Security update for poppler (Moderate)	2020-12-01
oval:org.opensuse.security:def:26371	P	Security update for Chromium (Important)	2020-12-01
oval:org.opensuse.security:def:32816	P	Mesa-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25168	P	Security update for libvirt (Important)	2020-12-01
oval:org.opensuse.security:def:26624	P	pam_krb5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26506	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:25453	P	Security update for libseccomp (Moderate)	2020-12-01
oval:org.opensuse.security:def:31826	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:25946	P	Security update for gnome-shell (Low)	2020-12-01
oval:org.opensuse.security:def:25377	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:31968	P	Security update for ipmitool (Important)	2020-12-01
oval:org.opensuse.security:def:26677	P	clamav on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25645	P	Security update for the Linux Kernel (Critical)	2020-12-01
oval:org.opensuse.security:def:32040	P	Security update for various KMPs (Moderate)	2020-12-01
oval:org.opensuse.security:def:31914	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:26890	P	evince on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26021	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:25518	P	Security update for samba (Moderate)	2020-12-01
oval:org.opensuse.security:def:32301	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:27359	P	Mesa-devel-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25783	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:25922	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:31980	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:31587	P	Security update for tcpdump (Important)	2020-12-01
oval:org.opensuse.security:def:26230	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:26299	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32362	P	Security update for strongswan (Moderate)	2020-12-01
oval:org.opensuse.security:def:25244	P	Security update for log4j (Important)	2020-12-01
oval:org.opensuse.security:def:31378	P	Security update for openssl1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26522	P	apache2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32657	P	evince on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25669	P	Security update for gcc10 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31463	P	Security update for postgresql94 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26387	P	Security update for ffmpeg (Moderate)	2020-12-01
oval:org.opensuse.security:def:25319	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:31527	P	Security update for Ruby	2020-12-01
oval:org.opensuse.security:def:26657	P	LibVNCServer on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25681	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:31896	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:32024	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26445	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:31010	P	Security update for IBM Java	2020-12-01
oval:org.opensuse.security:def:25528	P	Security update for texlive (Moderate)	2020-12-01
oval:org.opensuse.security:def:31785	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:25873	P	Security update for libcares2 (Low)	2020-12-01
oval:org.opensuse.security:def:25820	P	Security update for xerces-c (Moderate)	2020-12-01
oval:org.opensuse.security:def:27118	P	evince on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25092	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:25867	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:25810	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32467	P	Security update for xorg-x11-libs (Moderate)	2020-12-01
oval:org.opensuse.security:def:26011	P	Security update for gwenhywfar (Moderate)	2020-12-01
oval:org.debian:def:1214	V	buffer overflow	2013-01-21
oval:org.debian:def:1243	V	buffer overflow	2006-12-28

BACK