David Srbecky discovered that Ghostscript incorrectly handled debug
logging. If a user or automated system were tricked into opening a crafted
PDF file, an attacker could cause a denial of service or execute arbitrary
code with privileges of the user invoking the program. (CVE-2009-4270)
It was discovered that Ghostscript incorrectly handled certain malformed
files. If a user or automated system were tricked into opening a crafted
Postscript or PDF file, an attacker could cause a denial of service or
execute arbitrary code with privileges of the user invoking the program. (CVE-2009-4897)
Dan Rosenberg discovered that Ghostscript incorrectly handled certain
recursive Postscript files. If a user or automated system were tricked into
opening a crafted Postscript file, an attacker could cause a denial of
service or execute arbitrary code with privileges of the user invoking the
program. (CVE-2010-1628)
