Buffer overflow in Artifex Gpl_ghostscript

CVE-2010-1628

Ghostscript 8.64, 8.70, and possibly other versions allows context-dependent attackers to execute arbitrary code via a PostScript file containing unlimited recursive procedure invocations, which trigger memory corruption in the stack of th…

Vulnerability class: Buffer Overflow

EPSS: 0.040 (89.3th percentile) — read the EPSS interpretation.

Affected products

Artifex Gpl_ghostscript — versions 8.64, 8.70
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

secalert@redhat.com (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
secalert@redhat.com (mailing-list, Exploit, x_refsource_FULLDISC)
secalert@redhat.com (vendor-advisory, x_refsource_GENTOO)
secalert@redhat.com (Exploit, vdb-entry, x_refsource_BID)
secalert@redhat.com (vendor-advisory, x_refsource_MANDRIVA)
secalert@redhat.com (mailing-list, x_refsource_MLIST, Exploit)
secalert@redhat.com (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
secalert@redhat.com (x_refsource_UBUNTU, vendor-advisory)
secalert@redhat.com (x_refsource_MISC)
secalert@redhat.com (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)