CVE-2010-1628

Published: 19 May 2010

Ghostscript 8.64, 8.70, and possibly other versions allows context-dependent attackers to execute arbitrary code via a PostScript file containing unlimited recursive procedure invocations, which trigger memory corruption in the stack of the interpreter.

Priority

Medium

Status

Package Release Status
ghostscript
Launchpad, Ubuntu, Debian
Upstream Needed

Patches:
Upstream: http://svn.ghostscript.com/viewvc?view=rev&revision=11414
gs-afpl
Launchpad, Ubuntu, Debian
Upstream Needs triage

gs-esp
Launchpad, Ubuntu, Debian
Upstream Needs triage

gs-gpl
Launchpad, Ubuntu, Debian
Upstream Needs triage