CVE-2007-6725

2009-04-0816:30:00

Debian Security Bug Tracker

security-tracker.debian.org

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.07 Low

EPSS

Percentile

93.9%

JSON

The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file that triggers a buffer underflow in the cf_decode_2d function.

OSVersionArchitecturePackageVersionFilename
Debian12allghostscript< 8.63.dfsg.1-1ghostscript_8.63.dfsg.1-1_all.deb
Debian11allghostscript< 8.63.dfsg.1-1ghostscript_8.63.dfsg.1-1_all.deb
Debian10allghostscript< 8.63.dfsg.1-1ghostscript_8.63.dfsg.1-1_all.deb
Debian999allghostscript< 8.63.dfsg.1-1ghostscript_8.63.dfsg.1-1_all.deb
Debian13allghostscript< 8.63.dfsg.1-1ghostscript_8.63.dfsg.1-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	ghostscript	< 8.63.dfsg.1-1	ghostscript_8.63.dfsg.1-1_all.deb
Debian	11	all	ghostscript	< 8.63.dfsg.1-1	ghostscript_8.63.dfsg.1-1_all.deb
Debian	10	all	ghostscript	< 8.63.dfsg.1-1	ghostscript_8.63.dfsg.1-1_all.deb
Debian	999	all	ghostscript	< 8.63.dfsg.1-1	ghostscript_8.63.dfsg.1-1_all.deb
Debian	13	all	ghostscript	< 8.63.dfsg.1-1	ghostscript_8.63.dfsg.1-1_all.deb