|Title:||Ghostscript Parser Buffer Overflow Vulnerabilities (Win)|
|Summary:||Check for the Version of Ghostscript|
Overview: This host is installed with Ghostscript and is prone to
Buffer Overflow Vulnerability.
These flaws are due to,
- Boundary error in the 'parser()' which allows the attackers to
execute arbitrary code via a crafted PostScript file.
- Buffer overflow and memory corruption errors when processing a recursive
procedure invocations, which could be exploited to crash an affected
application or execute arbitrary code.
Successful exploitation allows the attacker to execute arbitrary code in
the context of the affected application and can cause denial of service.
Impact Level: Application
Ghostscript version 8.70 and 8.64 on Windows.
Fix: No solution or patch is available as of 20th May, 2010. Information
regarding this issue will be updated once the solution details are available.
For updates refer to http://www.ghostscript.com/
Common Vulnerability Exposure (CVE) ID: CVE-2010-1869|
Bugtraq: 20100512 Multiple memory corruption vulnerabilities in Ghostscript (Google Search)
SuSE Security Announcement: SUSE-SR:2010:014 (Google Search)
BugTraq ID: 40103
Common Vulnerability Exposure (CVE) ID: CVE-2010-1628
BugTraq ID: 40107
|Copyright||Copyright (c) 2010 Greenbone Networks GmbH|
|This is only one of 40246 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.