What is CVE-2007-6725?

CVE-2007-6725 is a vulnerability in Ghostscript, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2009-04-08.

Is CVE-2007-6725 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Ghostscript

CVE-2007-6725

The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file that triggers a buffer underflow i…

Vulnerability class: Buffer Overflow

EPSS: 0.048 (90.9th percentile) — read the EPSS interpretation.

Affected products

Ghostscript — versions 8.60, 8.61
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

References

cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
cve@mitre.org (vendor-advisory, x_refsource_FEDORA)
cve@mitre.org (vendor-advisory, x_refsource_SUNALERT)
cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
cve@mitre.org (vendor-advisory, x_refsource_SUSE)
cve@mitre.org (x_refsource_CONFIRM, Exploit)
cve@mitre.org (vendor-advisory, x_refsource_MANDRIVA)
cve@mitre.org (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2007-6725?: CVE-2007-6725 is a vulnerability in Ghostscript, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2009-04-08.
Is CVE-2007-6725 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.