cpe:/a:ghostscript:ghostscript:8.61 CVE-2007-6725 2009-04-08T12:30:00.377-04:00 2018-10-03T17:52:47.087-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-04-08T12:51:00.000-04:00 BUGTRAQ 20090417 rPSA-2009-0060-1 ghostscript SUNALERT 262288 BID 34337 SECUNIA 34726 SECUNIA 34729 SECUNIA 34732 SECUNIA 35416 SECUNIA 35559 SECUNIA 35569 VUPEN ADV-2009-1708 FEDORA FEDORA-2008-5699 MANDRIVA MDVSA-2009:095 MANDRIVA MDVSA-2009:096 REDHAT RHSA-2009:0420 REDHAT RHSA-2009:0421 SUSE SUSE-SR:2009:011 UBUNTU USN-757-1 MLIST [oss-security] 20090401 CVE request -- ghostscript CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2009-155.htm CONFIRM http://wiki.rpath.com/Advisories:rPSA-2009-0060 CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=229174 CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=493442 The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file that triggers a buffer underflow in the cf_decode_2d function.