Buffer overflow in Ghostscript

CVE-2008-6679

Buffer overflow in the BaseFont writer module in Ghostscript 8.62, and possibly other versions, allows remote attackers to cause a denial of service (ps2pdf crash) and possibly execute arbitrary code via a crafted Postscript file.

Vulnerability class: Buffer Overflow

EPSS: 0.045 (90.3th percentile) — read the EPSS interpretation.

Affected products

Ghostscript — versions 8.62
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
cve@mitre.org (signature, x_refsource_OVAL, vdb-entry)
cve@mitre.org (vendor-advisory, x_refsource_FEDORA)
cve@mitre.org (vendor-advisory, x_refsource_SUNALERT)
cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
cve@mitre.org (x_refsource_CONFIRM)
cve@mitre.org (vendor-advisory, x_refsource_SUSE)
cve@mitre.org (vendor-advisory, x_refsource_MANDRIVA)
cve@mitre.org (vendor-advisory, x_refsource_FEDORA)