openSUSE-SU-2012:1289-1 -- Suse ghostscriptID: oval:org.secpod.oval:def:400419 | Date: (C)2012-12-31 (M)2023-02-20 |
Class: PATCH | Family: unix |
The following security issue was fixed in ghostscript: Multiple integer underflows in the icmLut_allocate function in International Color Consortium Format library , as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PostScript or PDF file with embedded images, which triggers a heap-based buffer overflow. NOTE: this issue is also described as an array index error.