Lucene search
Ubuntu.comUB:CVE-2009-4897HistoryMay 12, 2010 - 12:00 a.m.
CVE-2009-4897
2010-05-1200:00:00
ubuntu.com
ubuntu.com
13
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.77 High
EPSS
Percentile
98.2%
Buffer overflow in gs/psi/iscan.c in Ghostscript 8.64 and earlier allows
remote attackers to execute arbitrary code or cause a denial of service
(memory corruption) via a crafted PDF document containing a long name.
Bugs
Notes
| Author | Note |
|---|---|
| mdeslaur | reproducer doesn’t seem to affect dapper |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 8.04 | noarch | ghostscript | < 8.61.dfsg.1-1ubuntu3.3 | UNKNOWN |
| ubuntu | 9.04 | noarch | ghostscript | < 8.64.dfsg.1-0ubuntu8.1 | UNKNOWN |
Related
openvas
openvas
Ghostscript 'iscan.c' PDF Handling Remote Buffer Overflow Vulnerability
2010-07-26 00:00:00
Ghostscript 'iscan.c' PDF Handling Remote Buffer Overflow Vulnerability
2010-07-26 00:00:00
Debian: Security Advisory (DSA-2093-1)
2010-08-21 00:00:00
prion
prion
Buffer overflow
2010-07-22 05:40:00
debiancve
debiancve
CVE-2009-4897
2010-07-22 05:40:00
checkpoint_advisories
checkpoint_advisories
Ghostscript Pdf parsing Buffer Overflow - Ver2 (CVE-2009-4897)
2014-03-03 00:00:00
cve
cve
CVE-2009-4897
2010-07-22 05:40:00
debian
debian
[SECURITY] [DSA 2093-1] New ghostscript packages fix several vulnerabilities
2010-08-19 08:20:58
[SECURITY] [DSA 2093-1] New ghostscript packages fix several vulnerabilities
2010-08-19 08:20:58
osv
osv
ghostscript - several vulnerabilities
2010-08-19 00:00:00
nessus
nessus
Debian DSA-2093-1 : ghostscript - several vulnerabilities
2010-08-23 00:00:00
Mandriva Linux Security Advisory : ghostscript (MDVSA-2010:136)
2010-07-30 00:00:00
Mandriva Linux Security Advisory : ghostscript (MDVSA-2010:134)
2010-07-30 00:00:00
ubuntu
ubuntu
Ghostscript vulnerabilities
2010-07-13 00:00:00
gentoo
gentoo
GPL Ghostscript: Multiple vulnerabilities
2014-12-13 00:00:00
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.77 High
EPSS
Percentile
98.2%
Related for UB:CVE-2009-4897