Your submission was sent successfully! Close

CVE-2008-6679

Published: 8 April 2009

Buffer overflow in the BaseFont writer module in Ghostscript 8.62, and possibly other versions, allows remote attackers to cause a denial of service (ps2pdf crash) and possibly execute arbitrary code via a crafted Postscript file.

Notes

AuthorNote
mdeslaur
PoC available
Priority

Medium

Status

Package Release Status
ghostscript
Launchpad, Ubuntu, Debian
dapper Does not exist

gutsy Needed
(reached end-of-life)
hardy
Released (8.61.dfsg.1-1ubuntu3.2)
intrepid
Released (8.63.dfsg.1-0ubuntu6.4)
jaunty Not vulnerable
(8.64.dfsg.1-0ubuntu7)
karmic Not vulnerable
(8.64.dfsg.1-0ubuntu7)
upstream Needs triage

Patches:
upstream: http://svn.ghostscript.com/viewvc?view=rev&sortby=rev&revision=9304
gs-afpl
Launchpad, Ubuntu, Debian
dapper Ignored
(reached end-of-life)
gutsy Does not exist

hardy Does not exist

intrepid Does not exist

jaunty Does not exist

karmic Does not exist

upstream Needs triage

gs-esp
Launchpad, Ubuntu, Debian
dapper
Released (8.15.2.dfsg.0ubuntu1-0ubuntu1.2)
gutsy Does not exist

hardy Does not exist

intrepid Does not exist

jaunty Does not exist

karmic Does not exist

upstream Needs triage

gs-gpl
Launchpad, Ubuntu, Debian
dapper
Released (8.15-4ubuntu3.3)
gutsy Does not exist

hardy Does not exist

intrepid Does not exist

jaunty Does not exist

karmic Does not exist

upstream Needs triage