Lucene search

K
nvd[email protected]NVD:CVE-2007-6725
HistoryApr 08, 2009 - 4:30 p.m.

CVE-2007-6725

2009-04-0816:30:00
CWE-119
web.nvd.nist.gov
7
ccittfax decoding filter
ghostscript
buffer underflow
pdf file
remote attackers

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

Low

EPSS

0.07

Percentile

94.0%

The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file that triggers a buffer underflow in the cf_decode_2d function.

Affected configurations

Nvd
Node
ghostscriptghostscriptMatch8.60
OR
ghostscriptghostscriptMatch8.61
VendorProductVersionCPE
ghostscriptghostscript8.60cpe:2.3:a:ghostscript:ghostscript:8.60:*:*:*:*:*:*:*
ghostscriptghostscript8.61cpe:2.3:a:ghostscript:ghostscript:8.61:*:*:*:*:*:*:*

References

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

Low

EPSS

0.07

Percentile

94.0%