DSA-1746 ghostscript -- several vulnerabilitiesID: oval:org.mitre.oval:def:7813 | Date: (C)2009-12-15 (M)2023-11-09 |
Class: PATCH | Family: unix |
Two security issues have been discovered in ghostscript, the GPL Ghostscript PostScript/PDF interpreter. The Common Vulnerabilities and Exposures project identifies the following problems: Jan Lieskovsky discovered multiple integer overflows in the ICC library, which allow the execution of arbitrary code via crafted ICC profiles in PostScript files with embedded images. Jan Lieskovsky discovered insufficient upper-bounds checks on certain variable sizes in the ICC library, which allow the execution of arbitrary code via crafted ICC profiles in PostScript files with embedded images.
Platform: |
Debian 5.0 |
Debian 4.0 |