what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 1 of 1 RSS Feed

Files

Mandriva Linux Security Advisory 2010-134
Posted Jul 16, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-134 - Stack-based buffer overflow in the errprintf function in base/gsmisc.c in ghostscript 8.64 through 8.70 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file, as originally reported for debug logging code in gdevcups.c in the CUPS output driver. Ghostscript 8.64, 8.70, and possibly other versions allows context-dependent attackers to execute arbitrary code via a PostScript file containing unlimited recursive procedure invocations, which trigger memory corruption in the stack of the interpreter. As a precaution ghostscriptc has been rebuilt to link against the system libpng library which was fixed with MDVSA-2010:133.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2009-4270, CVE-2010-1628
SHA-256 | 3d73e4babfd4b5c82e8bde7f78c70aac24ac68d203e10354a9d51ebf133af653
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close