Ghostscript 'iscan.c' PDF Handling Remote Buffer Overflow Vulnerability

Ghostscript is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it into a finite-sized buffer.

Exploiting this issue allows remote attackers to overwrite a sensitive memory buffer with arbitrary data, potentially allowing them to execute malicious machine code in the context of the affected application. A successful exploit may facilitate the compromise of the affected computer.

Ghostscript 8.64 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus