Описание
Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.
Ссылки
- Mailing ListThird Party Advisory
- Exploit
- URL Repurposed
- URL Repurposed
- URL Repurposed
- URL Repurposed
- URL Repurposed
- URL Repurposed
- URL Repurposed
- URL Repurposed
- URL Repurposed
- URL Repurposed
- Mailing List
- Broken Link
- Patch
- Patch
- Third Party Advisory
- URL Repurposed
- Broken LinkVDB Entry
- Broken LinkVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 8.61 (включая)
Одновременно
Одно из
cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:alpha:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:amd64:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:arm:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:hppa:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:ia-32:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:ia-64:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:m68k:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:mips:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:mipsel:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:powerpc:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:s-390:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:sparc:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:2007.0_x86_64:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:x86_64:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrakesoft_corporate_server:3.0_x86_64:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrakesoft_corporate_server:4.0_x86_64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:desktop:3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:desktop:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:5:*:server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:as_3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:as_4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:es_3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:es_4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:ws_3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:ws_4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:5:*:client:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop_workstation:5:*:client:*:*:*:*:*
cpe:2.3:o:rpath:rpath_linux:1:*:*:*:*:*:*:*
cpe:2.3:o:suse:novell_linux_pos:9:*:*:*:*:*:*:*
cpe:2.3:o:suse:open_suse:10.2:*:*:*:*:*:*:*
cpe:2.3:o:suse:open_suse:10.3:*:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:10:sp1:enterprise_desktop:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:10:sp1:enterprise_server:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:10.1:*:ppc:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:10.1:*:x86:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:10.1:*:x86_64:*:*:*:*:*
cpe:2.3:o:suse:suse_open_enterprise_server:0:*:*:*:*:*:*:*
cpe:2.3:a:ghostscript:ghostscript:*:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
Одно из
cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:alpha:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:amd64:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:arm:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:hppa:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:ia-32:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:ia-64:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:m68k:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:mips:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:mipsel:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:powerpc:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:s-390:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:sparc:*:*:*:*:*
Одно из
cpe:2.3:a:ghostscript:ghostscript:0:*:*:*:*:*:*:*
cpe:2.3:a:ghostscript:ghostscript:8.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ghostscript:ghostscript:8.15:*:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.17028
Средний
6.8 Medium
CVSS2
Дефекты
CWE-119
Связанные уязвимости
ubuntu
больше 17 лет назад
Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.
redhat
больше 17 лет назад
Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.
debian
больше 17 лет назад
Stack-based buffer overflow in the zseticcspace function in zicc.c in ...
github
больше 3 лет назад
Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.
oracle-oval
больше 17 лет назад
ELSA-2008-0155: Important: ghostscript security update (IMPORTANT)
EPSS
Процентиль: 95%
0.17028
Средний
6.8 Medium
CVSS2
Дефекты
CWE-119