ID de Prueba:	1.3.6.1.4.1.25623.1.0.801411
Categoría:	Buffer overflow
Título:	Ghostscript 'iscan.c' PDF Handling Remote Buffer Overflow Vulnerability
Resumen:	Ghostscript is prone to a buffer overflow vulnerability.
Descripción:	Summary: Ghostscript is prone to a buffer overflow vulnerability. Vulnerability Insight: The flaw is due to improper bounds checking by 'iscan.c' when processing malicious 'PDF' files, which leads to open a specially-crafted PDF file. Vulnerability Impact: Successful exploitation allows the attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document containing a long name. Affected Software/OS: Ghostscript version 8.64 and prior Solution: Upgrade to Ghostscript version 8.71 or later. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-4897 40580 http://secunia.com/advisories/40580 41593 http://www.securityfocus.com/bid/41593 66277 http://www.osvdb.org/66277 GLSA-201412-17 http://security.gentoo.org/glsa/glsa-201412-17.xml MDVSA-2010:134 http://www.mandriva.com/security/advisories?name=MDVSA-2010:134 MDVSA-2010:135 http://www.mandriva.com/security/advisories?name=MDVSA-2010:135 USN-961-1 http://www.ubuntu.com/usn/USN-961-1 ghostscript-iscan-bo(60380) https://exchange.xforce.ibmcloud.com/vulnerabilities/60380 http://bugs.ghostscript.com/show_bug.cgi?id=690523 https://bugzilla.redhat.com/show_bug.cgi?id=613792
Copyright	Copyright (C) 2010 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.