CVE-2008-0411

Published: 28 February 2008

Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.

Priority

Medium

Status

Package Release Status
ghostscript
Launchpad, Ubuntu, Debian
Upstream Needs triage

Patches:
Vendor: https://rhn.redhat.com/errata/RHSA-2008-0155.html
other: vsec Message-ID: <20080205161816.GA21281@boole.suse.de>
Vendor: http://www.debian.org/security/2008/dsa-1510
gs-esp
Launchpad, Ubuntu, Debian
Upstream Needs triage

gs-gpl
Launchpad, Ubuntu, Debian
Upstream Needs triage