ghostscript

[USN-757-1] Ghostscript vulnerabilities

===========================================================
Ubuntu Security Notice USN-757-1             April 15, 2009
ghostscript, gs-esp, gs-gpl vulnerabilities
CVE-2007-6725, CVE-2008-6679, CVE-2009-0196, CVE-2009-0583,
CVE-2009-0584, CVE-2009-0792
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS

[ GLSA 200903-37 ] Ghostscript: User-assisted execution of arbitrary code

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Ghostscript: User-assisted execution of arbitrary code
      Date: March 23, 2009
      Bugs: #261087
        ID: 200903-37

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

[ MDVSA-2009:311 ] ghostscript

 Mandriva Linux Security Advisory                         MDVSA-2009:311
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : ghostscript
 Date    : December 3, 2009
 Affected: 2008.0
 _______________________________________________________________________

 Problem Description:

[ GLSA 200803-14 ] Ghostscript: Buffer overflow

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Ghostscript: Buffer overflow
      Date: March 08, 2008
      Bugs: #208999
        ID: 200803-14

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

[USN-961-1] Ghostscript vulnerabilities

===========================================================
Ubuntu Security Notice USN-961-1              July 13, 2010
ghostscript vulnerabilities
CVE-2009-4270, CVE-2009-4897, CVE-2010-1628, CVE-2010-1869
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS
Ubuntu 9.04

TSSA-2010-01 Ghostscript library Ins_MINDEX() integer overflow and heap corruption

--------------------------------------------------------------------------------------
*           Ghostscript library Ins_MINDEX() off by one,        *
*               integer overflow and heap corruption                 *
--------------------------------------------------------------------------------------


--[ Vulnerability Summary:

Date Published: 31/08/2010
Last Update: 31/08/2010

Multiple memory corruption vulnerabilities in Ghostscript

===============================================================
 Ghostscript, multiple arbitrary code execution vulnerabilities
 May 11, 2010
 CVE-2010-1869
===============================================================

==Description==

Ghostscript (www.ghostscript.com), an interpreter for the PostScript language,
is vulnerable to two memory corruption vulnerabilities:

[SECURITY] [DSA 2093-1] New ghostscript packages fix several vulnerabilities

Debian Security Advisory DSA-2093-1                  security@debian.org
http://www.debian.org/security/                        Giuseppe Iuculano
August 19, 2010                       http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : ghostscript
Vulnerability  : several
Problem type   : local(remote)
Debian-specific: no
CVE Id(s)      : CVE-2009-4897 CVE-2010-1628
Debian Bug     : 584516

[ MDVSA-2010:134 ] ghostscript

 Mandriva Linux Security Advisory                         MDVSA-2010:134
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : ghostscript
 Date    : July 15, 2010
 Affected: 2008.0, 2009.0, 2009.1, 2010.0, Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

[ MDVSA-2009:095 ] ghostscript

 Mandriva Linux Security Advisory                         MDVSA-2009:095
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : ghostscript
 Date    : April 24, 2009
 Affected: 2008.1, 2009.0, Corporate 4.0
 _______________________________________________________________________

 Problem Description:

[ MDVSA-2009:165 ] ghostscript

 Mandriva Linux Security Advisory                         MDVSA-2009:165
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : ghostscript
 Date    : July 28, 2009
 Affected: Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

[ MDVSA-2009:144 ] ghostscript

 Mandriva Linux Security Advisory                         MDVSA-2009:144
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : ghostscript
 Date    : June 27, 2009
 Affected: 2008.1, 2009.0, 2009.1
 _______________________________________________________________________

 Problem Description:

[ MDVSA-2010:102 ] ghostscript

 Mandriva Linux Security Advisory                         MDVSA-2010:102
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : ghostscript
 Date    : May 19, 2010
 Affected: 2008.0, 2009.0, 2009.1, 2010.0, Corporate 4.0,
           Enterprise Server 5.0
 _______________________________________________________________________


[SECURITY] [DSA 1746-1] New ghostscript packages fix arbitrary code execution

Debian Security Advisory DSA-1746-1                  security@debian.org
http://www.debian.org/security/                      Steffen Joeris
March 20, 2009                          http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : ghostscript
Vulnerability  : several vulnerabilities
Problem type   : local (remote)
Debian-specific: no
CVE Ids        : CVE-2009-0583 CVE-2009-0584


[SECURITY] [DSA 2080-1] New ghostscript packages fix several vulnerabilities

Debian Security Advisory DSA-2080-1                  security@debian.org
http://www.debian.org/security/                       Moritz Muehlenhoff
August 01, 2010                       http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : ghostscript
Vulnerability  : several
Problem type   : local(remote)
Debian-specific: no
CVE Id(s)      : CVE-2007-6725 CVE-2008-3522 CVE-2008-6679 CVE-2009-0196 CVE-2009-0792 CVE-2009-4270 CVE-2010-1869


[USN-743-1] Ghostscript vulnerabilities

===========================================================
Ubuntu Security Notice USN-743-1             March 23, 2009
ghostscript, gs-gpl vulnerabilities
CVE-2009-0583, CVE-2009-0584
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.10

Secunia Research: Ghostscript jbig2dec JBIG2 Processing Buffer Overflow

====================================================================== 

                     Secunia Research 09/04/2009

       - Ghostscript jbig2dec JBIG2 Processing Buffer Overflow -

====================================================================== 
Table of Contents

Affected Software

[ MDVSA-2010:136 ] ghostscript

 Mandriva Linux Security Advisory                         MDVSA-2010:136
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : ghostscript
 Date    : July 15, 2010
 Affected: 2010.1
 _______________________________________________________________________

 Problem Description:

[ MDVSA-2010:135 ] ghostscript

 Mandriva Linux Security Advisory                         MDVSA-2010:135
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : ghostscript
 Date    : July 15, 2010
 Affected: Corporate 4.0
 _______________________________________________________________________

 Problem Description:

Re: Ghostscript 8.64 executes random code at startup

On Wednesday, 26 May 2010 at 04:32:51, paul.szabo@sydney.edu.au wrote:
> Dear Christopher,
> 
> > Ghostscript_8.64 on openSuSE_11.2 executes all files matching
> > ./Encoding/* on startup.  This search is relative to the current
> > directory so it is easy to poison Ghostscript and cause it to execute
> > arbitrary PostScript code without user action or knowledge.
> >
> > Details: <URL:https://bugzilla.novell.com/show_bug.cgi?id=608071>
> 

RE: Ghostscript 8.64 executes random code at startup

> I also see no -P- and no absolute paths for the ps files mentioned in
> many "gs scripts" e.g. /usr/bin/pdf2dsc or /usr/bin/ps2ascii . Also,
> crappy coding for "GS_EXECUTABLE=gs". Am not sure if these are
> "originally gs" or "Debian special".

I believe they're all part of the standard Ghostscript distribution; at
any rate, they're in the Windows Ghostscript distribution I have
installed here.

The Windows scripts (gs*\lib\*.bat) are similarly vulnerable: no use of
-P-, and letting the executable name be overridden by an environment

[USN-501-2] Ghostscript vulnerability

=========================================================== 
Ubuntu Security Notice USN-501-2           October 22, 2007
ghostscript, gs-gpl vulnerability
CVE-2007-2721
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.10
Ubuntu 7.04

Ghostscript buffer overflow

Hi,

Buffer overflow in Ghostscript. A useful attack vector because a lot
of UNIX workstations will put PS files on the web through Ghostscript.

The problem is a stack-based buffer overflow in the zseticcspace()
function in zicc.c. The issue is over-trust of the length of a
postscript array which an attacker can set to an arbitrary length. One
slight amusement is that the overflowed type is "float", leading to
machine code -> float conversion in any exploit. An example .ps file

[USN-599-1] Ghostscript vulnerability

=========================================================== 
Ubuntu Security Notice USN-599-1             April 09, 2008
ghostscript, gs-esp, gs-gpl vulnerability
CVE-2008-0411
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10

[ MDVSA-2008:055 ] - Updated ghostscript packages fix arbitrary code execution vulnerability

 
 Mandriva Linux Security Advisory                         MDVSA-2008:055
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : ghostscript
 Date    : February 29, 2008
 Affected: 2007.0, 2007.1, 2008.0, Corporate 3.0, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:

[ MDKSA-2007:208 ] - Updated ghostscript packages fix vulnerability

 
 Mandriva Linux Security Advisory                         MDKSA-2007:208
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : ghostscript
 Date    : November 5, 2007
 Affected: 2008.0
 _______________________________________________________________________
 
 Problem Description:

rPSA-2009-0050-1 ghostscript

Rating: Minor
Exposure Level Classification:
    Indirect Deterministic Vulnerability
Updated Versions:
    ghostscript=conary.rpath.com@rpl:devel/8.61-2.1-1

rPath Issue Tracking System:
    https://issues.rpath.com/browse/RPL-2991

References:

Re: Ghostscript 8.64 executes random code at startup

The ghostscript people in
  http://bugs.ghostscript.com/show_bug.cgi?id=691339
told me to use the -P- switch, and marked it "RESOLVED WONTFIX".
I guess -P- should be the default, as well as -dSAFER should be.

The way gv invokes gs is "wrong". For example, using command
  gv /tmp/any.ps
will do:
  chdir("/tmp/")
  execve(..., "gs", ... "-dSAFER", ... "any.ps", ...) 

[SECURITY] [DSA 1510-1] New ghostscript packages fix arbitrary code execution

Problem type   : local
Debian-specific: no
CVE Id(s)      : CVE-2008-0411

Chris Evans discovered a buffer overflow in the color space handling
code of the Ghostscript PostScript/PDF interpreter, which might result
in the execution of arbitrary code if a user is tricked into processing
a malformed file.

For the stable distribution (etch), this problem has been fixed in version
8.54.dfsg.1-5etch1 of gs-gpl and 8.15.3.dfsg.1-1etch1 of gs-esp.

rPSA-2009-0060-1 ghostscript

Rating: Minor
Exposure Level Classification:
    Indirect Deterministic Vulnerability
Updated Versions:
    ghostscript=conary.rpath.com@rpl:2/8.61-2.2-1

rPath Issue Tracking System:
    https://issues.rpath.com/browse/RPL-3014

References:

Copyright © 1995-2012 LinuxRocket.net. All rights reserved.