Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2009-0196HistoryApr 16, 2009 - 3:12 p.m.
CVE-2009-0196
2009-04-1615:12:00
Debian Security Bug Tracker
security-tracker.debian.org
10
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.139 Low
EPSS
Percentile
95.6%
Heap-based buffer overflow in the big2_decode_symbol_dict function (jbig2_symbol_dict.c) in the JBIG2 decoding library (jbig2dec) in Ghostscript 8.64, and probably earlier versions, allows remote attackers to execute arbitrary code via a PDF file with a JBIG2 symbol dictionary segment with a large run length value.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | ghostscript | <Β 8.64~dfsg-1.1 | ghostscript_8.64~dfsg-1.1_all.deb |
| Debian | 11 | all | ghostscript | <Β 8.64~dfsg-1.1 | ghostscript_8.64~dfsg-1.1_all.deb |
| Debian | 10 | all | ghostscript | <Β 8.64~dfsg-1.1 | ghostscript_8.64~dfsg-1.1_all.deb |
| Debian | 999 | all | ghostscript | <Β 8.64~dfsg-1.1 | ghostscript_8.64~dfsg-1.1_all.deb |
| Debian | 13 | all | ghostscript | <Β 8.64~dfsg-1.1 | ghostscript_8.64~dfsg-1.1_all.deb |
| Debian | 12 | all | jbig2dec | <Β 0.19-3 | jbig2dec_0.19-3_all.deb |
| Debian | 11 | all | jbig2dec | <Β 0.19-2 | jbig2dec_0.19-2_all.deb |
| Debian | 10 | all | jbig2dec | <Β 0.16-1+deb10u1 | jbig2dec_0.16-1+deb10u1_all.deb |
| Debian | 999 | all | jbig2dec | <Β 0.20-1 | jbig2dec_0.20-1_all.deb |
| Debian | 13 | all | jbig2dec | <Β 0.20-1 | jbig2dec_0.20-1_all.deb |
Related
ubuntucve
ubuntucve
CVE-2009-0196
2009-04-16 00:00:00
cve
cve
CVE-2009-0196
2009-04-16 15:12:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:32:34
securityvulns
securityvulns
Secunia Research: Ghostscript jbig2dec JBIG2 Processing Buffer Overflow
2009-04-10 00:00:00
Ghsotscript / XPDF / CUPS pdftops buffer overflow
2009-04-18 00:00:00
seebug
seebug
Ghostscript jbig2decεΊJBIG2ε€ηε ζΊ’εΊζΌζ΄
2009-04-11 00:00:00
prion
prion
Heap overflow
2009-04-16 15:12:00
openvas
openvas
Ghostscript Multiple Buffer Overflow Vulnerabilities (Windows)
2009-04-28 00:00:00
Ghostscript < 8.71 Multiple Buffer Overflow Vulnerabilities - Linux
2009-04-28 00:00:00
Ghostscript Multiple Buffer Overflow Vulnerabilities - Windows
2009-04-28 00:00:00
nessus
nessus
SuSE 11 Security Update : Ghostscript (SAT Patch Number 752)
2009-09-24 00:00:00
SuSE9 Security Update : GhostScript (YOU Patch Number 12417)
2009-09-24 00:00:00
openSUSE 10 Security Update : ghostscript-devel (ghostscript-devel-6246)
2009-05-18 00:00:00
redhat
redhat
(RHSA-2009:0421) Moderate: ghostscript security update
2009-04-14 00:00:00
slackware
slackware
ghostscript
2009-06-29 23:40:52
oraclelinux
oraclelinux
ghostscript security update
2009-04-14 00:00:00
centos
centos
ghostscript security update
2009-04-20 10:16:55
fedora
fedora
[SECURITY] Fedora 9 Update: ghostscript-8.63-3.fc9
2009-04-15 21:50:26
[SECURITY] Fedora 10 Update: ghostscript-8.63-6.fc10
2009-04-15 21:49:53
ubuntu
ubuntu
Ghostscript vulnerabilities
2009-04-15 00:00:00
debian
debian
[SECURITY] [DSA 2080-1] New ghostscript packages fix several vulnerabilities
2010-08-01 01:25:15
osv
osv
ghostscript - several vulnerabilities
2010-08-01 00:00:00
gentoo
gentoo
GPL Ghostscript: Multiple vulnerabilities
2014-12-13 00:00:00
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.139 Low
EPSS
Percentile
95.6%
Related for DEBIANCVE:CVE-2009-0196