|
|
| |
|
| |
ghostscript: multiple vulnerabilities
| Package(s): | ghostscript |
CVE #(s): | CVE-2009-4270
CVE-2009-4897
CVE-2010-1628
|
| Created: | July 14, 2010 |
Updated: | August 19, 2010 |
| Description: |
From the Ubuntu advisory:
David Srbecky discovered that Ghostscript incorrectly handled debug
logging. If a user or automated system were tricked into opening a crafted
PDF file, an attacker could cause a denial of service or execute arbitrary
code with privileges of the user invoking the program. (CVE-2009-4270)
It was discovered that Ghostscript incorrectly handled certain malformed
files. If a user or automated system were tricked into opening a crafted
Postscript or PDF file, an attacker could cause a denial of service or
execute arbitrary code with privileges of the user invoking the program. (CVE-2009-4897)
Dan Rosenberg discovered that Ghostscript incorrectly handled certain
recursive Postscript files. If a user or automated system were tricked into
opening a crafted Postscript file, an attacker could cause a denial of
service or execute arbitrary code with privileges of the user invoking the
program. (CVE-2010-1628)
|
| Alerts: |
|
( Log in to post comments)
|
|
|