Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:15125
HistoryDec 23, 2009 - 12:00 a.m.

Ghostscript errprintf()函数PDF文件处理栈溢出漏洞

2009-12-2300:00:00
Root
www.seebug.org
11

0.023 Low

EPSS

Percentile

88.6%

JSON

BUGTRAQ ID: 37410
CVE ID: CVE-2009-4270

Ghostscript是用于显示PostScript文件或向非PostScript打印机打印这些文件的程序。

Ghostscript的base/gsmisc.c文件中的errprintf()函数在通过CUPS打印特制的PDF文件时存在栈溢出漏洞,如果特制的PDF能够导致打印失败,则gs cups驱动的某些调试输出就可以在gs调试处理中触发这个溢出,导致执行任意代码。

Ghostscript Ghostscript 8.70
Ghostscript Ghostscript 8.64
厂商补丁:

Ghostscript

目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:

http://www.ghostscript.com/


                                                https://bugzilla.redhat.com/attachment.cgi?id=373326

Related

ubuntucve 1
prion 1
debiancve 1
redhatcve 1
cve 1
openvas 15
fedora 2
nessus 8
ubuntu 1
osv 1
debian 1
gentoo 1
ubuntucve
ubuntucve
CVE-2009-4270
2009-12-21 00:00:00
prion
prion
Stack overflow
2009-12-21 16:30:00
debiancve
debiancve
CVE-2009-4270
2009-12-21 16:30:00
redhatcve
redhatcve
CVE-2009-4270
2015-10-30 10:23:19
cve
cve
CVE-2009-4270
2009-12-21 16:30:00
openvas
openvas
Fedora Update for ghostscript FEDORA-2010-11376
2010-08-20 00:00:00
Mandriva Update for ghostscript MDVSA-2010:134 (ghostscript)
2010-07-16 00:00:00
Fedora Update for ghostscript FEDORA-2010-11376
2010-08-20 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: ghostscript-8.71-7.fc12
2010-08-17 05:44:47
[SECURITY] Fedora 12 Update: ghostscript-8.71-16.fc12
2010-10-14 23:02:13
nessus
nessus
Mandriva Linux Security Advisory : ghostscript (MDVSA-2010:134)
2010-07-30 00:00:00
Ubuntu 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : ghostscript vulnerabilities (USN-961-1)
2010-07-14 00:00:00
openSUSE Security Update : ghostscript-devel (openSUSE-SU-2010:0425-1)
2010-07-23 00:00:00
ubuntu
ubuntu
Ghostscript vulnerabilities
2010-07-13 00:00:00
osv
osv
ghostscript - several vulnerabilities
2010-08-01 00:00:00
debian
debian
[SECURITY] [DSA 2080-1] New ghostscript packages fix several vulnerabilities
2010-08-01 01:24:55
gentoo
gentoo
GPL Ghostscript: Multiple vulnerabilities
2014-12-13 00:00:00

0.023 Low

EPSS

Percentile

88.6%

JSON
Related for SSV:15125
ubuntucve1prion1debiancve1redhatcve1cve1openvas15fedora2nessus8ubuntu1osv1debian1gentoo1