Lucene search
Ubuntu.comUB:CVE-2009-0196HistoryApr 16, 2009 - 12:00 a.m.
CVE-2009-0196
2009-04-1600:00:00
ubuntu.com
ubuntu.com
26
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.139 Low
EPSS
Percentile
95.6%
Heap-based buffer overflow in the big2_decode_symbol_dict function
(jbig2_symbol_dict.c) in the JBIG2 decoding library (jbig2dec) in
Ghostscript 8.64, and probably earlier versions, allows remote attackers to
execute arbitrary code via a PDF file with a JBIG2 symbol dictionary
segment with a large run length value.
Notes
| Author | Note |
|---|---|
| mdeslaur | Secunia advisory SA34292 |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 8.04 | noarch | ghostscript | <Β 8.61.dfsg.1-1ubuntu3.2 | UNKNOWN |
| ubuntu | 8.10 | noarch | ghostscript | <Β 8.63.dfsg.1-0ubuntu6.4 | UNKNOWN |
| ubuntu | 9.04 | noarch | ghostscript | <Β 8.64.dfsg.1-0ubuntu8 | UNKNOWN |
| ubuntu | 9.10 | noarch | ghostscript | <Β 8.64.dfsg.1-0ubuntu8 | UNKNOWN |
| ubuntu | 6.06 | noarch | gs-esp | <Β 8.15.2.dfsg.0ubuntu1-0ubuntu1.2 | UNKNOWN |
| ubuntu | 6.06 | noarch | gs-gpl | <Β 8.15-4ubuntu3.3 | UNKNOWN |
Related
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:32:34
debiancve
debiancve
CVE-2009-0196
2009-04-16 15:12:00
cve
cve
CVE-2009-0196
2009-04-16 15:12:00
securityvulns
securityvulns
Secunia Research: Ghostscript jbig2dec JBIG2 Processing Buffer Overflow
2009-04-10 00:00:00
Ghsotscript / XPDF / CUPS pdftops buffer overflow
2009-04-18 00:00:00
seebug
seebug
Ghostscript jbig2decεΊJBIG2ε€ηε ζΊ’εΊζΌζ΄
2009-04-11 00:00:00
prion
prion
Heap overflow
2009-04-16 15:12:00
openvas
openvas
Ghostscript < 8.71 Multiple Buffer Overflow Vulnerabilities - Linux
2009-04-28 00:00:00
Ghostscript Multiple Buffer Overflow Vulnerabilities (Windows)
2009-04-28 00:00:00
SLES11: Security update for Ghostscript
2009-10-11 00:00:00
nessus
nessus
SuSE 11 Security Update : Ghostscript (SAT Patch Number 752)
2009-09-24 00:00:00
SuSE9 Security Update : GhostScript (YOU Patch Number 12417)
2009-09-24 00:00:00
SuSE 10 Security Update : GhostScript (ZYPP Patch Number 6245)
2009-09-24 00:00:00
slackware
slackware
ghostscript
2009-06-29 23:40:52
redhat
redhat
(RHSA-2009:0421) Moderate: ghostscript security update
2009-04-14 00:00:00
oraclelinux
oraclelinux
ghostscript security update
2009-04-14 00:00:00
centos
centos
ghostscript security update
2009-04-20 10:16:55
fedora
fedora
[SECURITY] Fedora 10 Update: ghostscript-8.63-6.fc10
2009-04-15 21:49:53
[SECURITY] Fedora 9 Update: ghostscript-8.63-3.fc9
2009-04-15 21:50:26
ubuntu
ubuntu
Ghostscript vulnerabilities
2009-04-15 00:00:00
debian
debian
[SECURITY] [DSA 2080-1] New ghostscript packages fix several vulnerabilities
2010-08-01 01:25:15
osv
osv
ghostscript - several vulnerabilities
2010-08-01 00:00:00
gentoo
gentoo
GPL Ghostscript: Multiple vulnerabilities
2014-12-13 00:00:00
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.139 Low
EPSS
Percentile
95.6%
Related for UB:CVE-2009-0196