CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
96.4%
It was discovered that Ghostscript did not correctly handle memory
allocation when parsing certain malformed JPEG-2000 images. If a user or
automated system were tricked into opening a specially crafted image, an
attacker could cause a denial of service and possibly execute arbitrary
code with user privileges. (CVE-2008-3520)
It was discovered that Ghostscript did not correctly handle certain
formatting operations when parsing JPEG-2000 images. If a user or automated
system were tricked into opening a specially crafted image, an attacker
could cause a denial of service and possibly execute arbitrary code with
user privileges. (CVE-2008-3522)
It was discovered that Ghostscript incorrectly handled certain malformed
TrueType fonts. If a user or automated system were tricked into opening a
document containing a specially crafted font, an attacker could cause a
denial of service and possibly execute arbitrary code with user privileges.
This issue only affected Ubuntu 8.04 LTS. (CVE-2009-3743)
It was discovered that Ghostscript incorrectly handled certain malformed
Type 2 fonts. If a user or automated system were tricked into opening a
document containing a specially crafted font, an attacker could cause a
denial of service and possibly execute arbitrary code with user privileges.
This issue only affected Ubuntu 8.04 LTS. (CVE-2010-4054)
Jonathan Foote discovered that Ghostscript incorrectly handled certain
malformed JPEG-2000 image files. If a user or automated system were tricked
into opening a specially crafted JPEG-2000 image file, an attacker could
cause Ghostscript to crash or possibly execute arbitrary code with user
privileges. (CVE-2011-4516, CVE-2011-4517)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 8.04 | noarch | libgs8 | < 8.61.dfsg.1-1ubuntu3.4 | UNKNOWN |
Ubuntu | 8.04 | noarch | ghostscript | < 8.61.dfsg.1-1ubuntu3.4 | UNKNOWN |
Ubuntu | 8.04 | noarch | ghostscript-x | < 8.61.dfsg.1-1ubuntu3.4 | UNKNOWN |
Ubuntu | 8.04 | noarch | libgs-dev | < 8.61.dfsg.1-1ubuntu3.4 | UNKNOWN |
Ubuntu | 10.10 | noarch | libgs8 | < 8.71.dfsg.2-0ubuntu7.1 | UNKNOWN |
Ubuntu | 10.10 | noarch | ghostscript | < 8.71.dfsg.2-0ubuntu7.1 | UNKNOWN |
Ubuntu | 10.10 | noarch | ghostscript-cups | < 8.71.dfsg.2-0ubuntu7.1 | UNKNOWN |
Ubuntu | 10.10 | noarch | ghostscript-x | < 8.71.dfsg.2-0ubuntu7.1 | UNKNOWN |
Ubuntu | 10.10 | noarch | libgs-dev | < 8.71.dfsg.2-0ubuntu7.1 | UNKNOWN |
Ubuntu | 10.04 | noarch | libgs8 | < 8.71.dfsg.1-0ubuntu5.4 | UNKNOWN |