Ubuntu Security Notice 599-1 - Chris Evans discovered that Ghostscript contained a buffer overflow in its color space handling code. If a user or automated system were tricked into opening a crafted Postscript file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.
723595e75c329e38966862f5974a59101e29f1e92aa132ad4e27b01e5ebe3827Gentoo Linux Security Advisory GLSA 200803-14 - Chris Evans (Google Security) discovered a stack-based buffer overflow within the zseticcspace() function in the file zicc.c when processing a PostScript file containing a long Range array in a .seticcscpate operator. Versions less than 8.15.4-r1 are affected.
ef709b4cc67d5ffb1d54d6ecf0ec4585de60e7ce89c3193b9d7061ba5bedac21Mandriva Linux Security Advisory - Chris Evans found a buffer overflow condition in Ghostscript, which can lead to arbitrary code execution as the user running any application using it to process a maliciously crafted Postscript file.
7dbf22e608b7a8f84d87b2179e1ef1985e819cb3dc74d278ab08d073cd7fc19eDebian Security Advisory 1510-1 - Chris Evans discovered a buffer overflow in the color space handling code of the Ghostscript PostScript/PDF interpreter, which might result in the execution of arbitrary code if a user is tricked into processing a malformed file.
49a8bee76cf9b801f16a45b718dd39b7e0d7bda143afaa53ff8acd1b1e1c5035
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed