Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-59800

Опубликовано: 22 сент. 2025
Источник: redhat
CVSS3: 4

Описание

In Artifex Ghostscript through 10.05.1, ocr_begin_page in devices/gdevpdfocr.c has an integer overflow that leads to a heap-based buffer overflow in ocr_line8.

A flaw was found in Artifex Ghostscript. An integer overflow vulnerability, which occurs when a program attempts to store a number in an integer variable that is too small to hold it, leads to a heap-based buffer overflow. This allows a local attacker to cause a Denial of Service (DoS) by processing a specially crafted document.

Отчет

This vulnerability is rated Moderate for Red Hat products. An integer overflow in Artifex Ghostscript's OCR processing, specifically in ocr_begin_page, can lead to a heap-based buffer overflow. This flaw could be triggered by processing a specially crafted document, potentially resulting in denial of service or arbitrary code execution.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10ghostscriptFix deferred
Red Hat Enterprise Linux 6ghostscriptFix deferred
Red Hat Enterprise Linux 7ghostscriptFix deferred
Red Hat Enterprise Linux 8ghostscriptFix deferred
Red Hat Enterprise Linux 9ghostscriptFix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-190
https://bugzilla.redhat.com/show_bug.cgi?id=2397226Artifex Ghostscript: Artifex Ghostscript: Denial of Service via crafted document processing

4 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-59800

CVSS3: 4.3
ubuntu
7 месяцев назад

In Artifex Ghostscript through 10.05.1, ocr_begin_page in devices/gdevpdfocr.c has an integer overflow that leads to a heap-based buffer overflow in ocr_line8.

nvd логотип

CVE-2025-59800

CVSS3: 4.3
nvd
7 месяцев назад

In Artifex Ghostscript through 10.05.1, ocr_begin_page in devices/gdevpdfocr.c has an integer overflow that leads to a heap-based buffer overflow in ocr_line8.

debian логотип

CVE-2025-59800

CVSS3: 4.3
debian
7 месяцев назад

In Artifex Ghostscript through 10.05.1, ocr_begin_page in devices/gdev ...

github логотип

GHSA-2mxc-fm8x-qgcp

CVSS3: 4.3
github
7 месяцев назад

In Artifex Ghostscript through 10.05.1, ocr_begin_page in devices/gdevpdfocr.c has an integer overflow that leads to a heap-based buffer overflow in ocr_line8.

fstec логотип

BDU:2025-11522

CVSS3: 4.3
fstec
7 месяцев назад

Уязвимость функции ocr_begin_page набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, позволяющая нарушителю оказать воздействие на целостность защищаемой информации

4 Medium

CVSS3