Your submission was sent successfully! Close

CVE-2009-0196

Published: 16 April 2009

Heap-based buffer overflow in the big2_decode_symbol_dict function (jbig2_symbol_dict.c) in the JBIG2 decoding library (jbig2dec) in Ghostscript 8.64, and probably earlier versions, allows remote attackers to execute arbitrary code via a PDF file with a JBIG2 symbol dictionary segment with a large run length value.

Priority

Medium

Status

Package Release Status
ghostscript
Launchpad, Ubuntu, Debian
Upstream Needs triage

gs-afpl
Launchpad, Ubuntu, Debian
Upstream Needs triage

gs-esp
Launchpad, Ubuntu, Debian
Upstream Needs triage

gs-gpl
Launchpad, Ubuntu, Debian
Upstream Needs triage