CVE-2007-6725
Published: 08 April 2009
The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file that triggers a buffer underflow in the cf_decode_2d function.
Priority
Medium
Status
| Package | Release | Status |
|---|---|---|
|
ghostscript Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
|
Patches: Upstream: http://svn.ghostscript.com/viewvc?view=rev&sortby=rev&revision=8896 |
||
|
gs-afpl Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
|
gs-esp Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
|
gs-gpl Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
Notes
| Author | Note |
|---|---|
| mdeslaur | PoC in RH bugs |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6725
- https://ubuntu.com/security/notices/USN-757-1
- NVD
- Launchpad
- Debian