Lucene search
Ubuntu.comUB:CVE-2007-6725HistoryApr 08, 2009 - 12:00 a.m.
CVE-2007-6725
2009-04-0800:00:00
ubuntu.com
ubuntu.com
9
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.07 Low
EPSS
Percentile
93.9%
The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly other
versions, allows remote attackers to cause a denial of service (crash) and
possibly execute arbitrary code via a crafted PDF file that triggers a
buffer underflow in the cf_decode_2d function.
Bugs
- <http://bugs.ghostscript.com/show_bug.cgi?id=689917>
- <https://bugzilla.redhat.com/show_bug.cgi?id=229174>
- <https://bugzilla.redhat.com/show_bug.cgi?id=493442>
Notes
| Author | Note |
|---|---|
| mdeslaur | PoC in RH bugs |
Related
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:32:33
prion
prion
Buffer overflow
2009-04-08 16:30:00
debiancve
debiancve
CVE-2007-6725
2009-04-08 16:30:00
cve
cve
CVE-2007-6725
2009-04-08 16:30:00
oraclelinux
oraclelinux
ghostscript security update
2009-04-14 00:00:00
ghostscript security update
2009-04-14 00:00:00
redhat
redhat
(RHSA-2009:0420) Moderate: ghostscript security update
2009-04-14 00:00:00
(RHSA-2009:0421) Moderate: ghostscript security update
2009-04-14 00:00:00
centos
centos
ghostscript, hpijs security update
2009-04-14 22:27:36
ghostscript security update
2009-04-20 10:16:55
openvas
openvas
RedHat Security Advisory RHSA-2009:0420
2009-04-15 00:00:00
CentOS Update for ghostscript CESA-2009:0420 centos4 i386
2011-08-09 00:00:00
CentOS Security Advisory CESA-2009:0420 (ghostscript)
2009-05-25 00:00:00
nessus
nessus
CentOS 3 / 4 : ghostscript (CESA-2009:0420)
2009-04-15 00:00:00
RHEL 3 / 4 : ghostscript (RHSA-2009:0420)
2009-04-15 00:00:00
Oracle Linux 3 / 4 : ghostscript (ELSA-2009-0420)
2013-07-12 00:00:00
ubuntu
ubuntu
Ghostscript vulnerabilities
2009-04-15 00:00:00
osv
osv
ghostscript - several vulnerabilities
2010-08-01 00:00:00
debian
debian
[SECURITY] [DSA 2080-1] New ghostscript packages fix several vulnerabilities
2010-08-01 01:25:15
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.07 Low
EPSS
Percentile
93.9%
Related for UB:CVE-2007-6725