Description
Stack-based buffer overflow in the parser function in GhostScript 8.70 and 8.64 allows context-dependent attackers to execute arbitrary code via a crafted PostScript file.
Affected products
- artifex / gpl_ghostscript8.64 – 8.64
- artifex / gpl_ghostscript8.70 – 8.70
References
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2010/1195
- VENDOR_ADVISORYhttp://secunia.com/advisories/39753
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2010/1138
- VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:102
- VENDOR_ADVISORYhttp://www.ubuntu.com/usn/USN-961-1
- MISChttp://www.securityfocus.com/bid/40103
- MISChttp://www.securitytracker.com/id?1024003
- VENDOR_ADVISORYhttp://secunia.com/advisories/40580
- VENDOR_ADVISORYhttp://www.checkpoint.com/defense/advisories/public/2010/cpai-10-May.html
- MAILING_LISThttp://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
- MISChttp://www.securityfocus.com/archive/1/511243/100/0/threaded