MDVSA-2009:095 -- Mandriva ghostscriptID: oval:org.secpod.oval:def:300723 | Date: (C)2012-01-07 (M)2023-11-13 |
Class: PATCH | Family: unix |
A buffer underflow in Ghostscript"s CCITTFax decoding filter allows remote attackers to cause denial of service and possibly to execute arbitrary by using a crafted PDF file . Buffer overflow in Ghostscript"s BaseFont writer module allows remote attackers to cause a denial of service and possibly to execute arbitrary code via a crafted Postscript file . Multiple interger overflows in Ghostsript"s International Color Consortium Format Library allows attackers to cause denial of service and possibly execute arbirary code by using either a PostScript or PDF file with crafte embedded images . Multiple interger overflows in Ghostsript"s International Color Consortium Format Library allows attackers to cause denial of service and possibly execute arbirary code by using either a PostScript or PDF file with crafte embedded images. Note: this issue exists because of an incomplete fix for CVE-2009-0583 . Heap-based overflow in Ghostscript"s JBIG2 decoding library allows attackers to cause denial of service and possibly to execute arbitrary code by using a crafted PDF file . This update provides fixes for that vulnerabilities. Update: gostscript packages from Mandriva Linux 2009.0 distribution are not affected by CVE-2007-6725.
Platform: |
Mandriva Linux 2009.0 |
Mandriva Linux 2008.1 |