Buffer overflow in Artifex Gpl_ghostscript

CVE-2010-1869

Stack-based buffer overflow in the parser function in GhostScript 8.70 and 8.64 allows context-dependent attackers to execute arbitrary code via a crafted PostScript file.

Vulnerability class: Buffer Overflow

EPSS: 0.092 (94.7th percentile) — read the EPSS interpretation.

Affected products

Artifex Gpl_ghostscript — versions 8.64, 8.70
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

cve@mitre.org (vdb-entry, x_refsource_VUPEN)
cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
cve@mitre.org (vdb-entry, x_refsource_VUPEN)
cve@mitre.org (vendor-advisory, x_refsource_MANDRIVA)
cve@mitre.org (x_refsource_UBUNTU, vendor-advisory)
cve@mitre.org (vdb-entry, x_refsource_BID)
cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
cve@mitre.org (x_refsource_MISC)
cve@mitre.org (vendor-advisory, x_refsource_SUSE)