Lucene search
Ubuntu.comUB:CVE-2010-1628HistoryMay 19, 2010 - 12:00 a.m.
CVE-2010-1628
2010-05-1900:00:00
ubuntu.com
ubuntu.com
9
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.006 Low
EPSS
Percentile
77.5%
Ghostscript 8.64, 8.70, and possibly other versions allows
context-dependent attackers to execute arbitrary code via a PostScript file
containing unlimited recursive procedure invocations, which trigger memory
corruption in the stack of the interpreter.
Bugs
- <https://bugs.launchpad.net/ubuntu/+source/ghostscript/+bug/546009>
- <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-1628>
- <http://bugs.ghostscript.com/show_bug.cgi?id=691295>
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584516>
Notes
| Author | Note |
|---|---|
| mdeslaur | reproducer doesn’t appear to work on dapper’s gs-esp |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 8.04 | noarch | ghostscript | < 8.61.dfsg.1-1ubuntu3.3 | UNKNOWN |
| ubuntu | 9.04 | noarch | ghostscript | < 8.64.dfsg.1-0ubuntu8.1 | UNKNOWN |
| ubuntu | 9.10 | noarch | ghostscript | < 8.70.dfsg.1-0ubuntu3.1 | UNKNOWN |
| ubuntu | 10.04 | noarch | ghostscript | < 8.71.dfsg.1-0ubuntu5.2 | UNKNOWN |
Related
openvas
openvas
Mandriva Update for ghostscript MDVSA-2010:136 (ghostscript)
2010-09-27 00:00:00
Mandriva Update for ghostscript MDVSA-2010:136 (ghostscript)
2010-09-27 00:00:00
Fedora Update for ghostscript FEDORA-2010-11325
2010-08-20 00:00:00
nessus
nessus
Fedora 12 : ghostscript-8.71-7.fc12 (2010-11376)
2010-08-18 00:00:00
Fedora 13 : ghostscript-8.71-10.fc13 (2010-11325)
2010-08-18 00:00:00
Debian DSA-2093-1 : ghostscript - several vulnerabilities
2010-08-23 00:00:00
debiancve
debiancve
CVE-2010-1628
2010-05-19 22:30:00
prion
prion
Memory corruption
2010-05-19 22:30:00
fedora
fedora
[SECURITY] Fedora 13 Update: ghostscript-8.71-10.fc13
2010-08-17 05:25:42
[SECURITY] Fedora 12 Update: ghostscript-8.71-7.fc12
2010-08-17 05:44:47
[SECURITY] Fedora 13 Update: ghostscript-8.71-16.fc13
2010-10-11 19:26:10
cve
cve
CVE-2010-1628
2010-05-19 22:30:00
debian
debian
[SECURITY] [DSA 2093-1] New ghostscript packages fix several vulnerabilities
2010-08-19 08:20:58
[SECURITY] [DSA 2093-1] New ghostscript packages fix several vulnerabilities
2010-08-19 08:20:58
osv
osv
ghostscript - several vulnerabilities
2010-08-19 00:00:00
ubuntu
ubuntu
Ghostscript vulnerabilities
2010-07-13 00:00:00
gentoo
gentoo
GPL Ghostscript: Multiple vulnerabilities
2014-12-13 00:00:00
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.006 Low
EPSS
Percentile
77.5%
Related for UB:CVE-2010-1628