Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-9835

Опубликовано: 06 июн. 2017
Источник: redhat
CVSS3: 3.3

Описание

The gs_alloc_ref_array function in psi/ialloc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document. This is related to a lack of an integer overflow check in base/gsalloc.c.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5ghostscriptWill not fix
Red Hat Enterprise Linux 6ghostscriptWill not fix
Red Hat Enterprise Linux 7ghostscriptWill not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=1475837ghostscript: Heap-buffer over-read in the gs_alloc_ref_array function

3.3 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2017-9835

CVSS3: 7.8
ubuntu
больше 8 лет назад

The gs_alloc_ref_array function in psi/ialloc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document. This is related to a lack of an integer overflow check in base/gsalloc.c.

nvd логотип

CVE-2017-9835

CVSS3: 7.8
nvd
больше 8 лет назад

The gs_alloc_ref_array function in psi/ialloc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document. This is related to a lack of an integer overflow check in base/gsalloc.c.

debian логотип

CVE-2017-9835

CVSS3: 7.8
debian
больше 8 лет назад

The gs_alloc_ref_array function in psi/ialloc.c in Artifex Ghostscript ...

github логотип

GHSA-mgmv-54pf-p6jv

CVSS3: 7.8
github
больше 3 лет назад

The gs_alloc_ref_array function in psi/ialloc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document. This is related to a lack of an integer overflow check in base/gsalloc.c.

suse-cvrf логотип

openSUSE-SU-2018:0421-1

suse-cvrf
почти 8 лет назад

Security update for ghostscript

3.3 Low

CVSS3