FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2008-6679

This CVE name corresponds to:

Entered Topic
2009-05-13 ghostscript -- buffer overflow vulnerability

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2008-6679 at cve.mitre.org

Details

Type Candidate
Name CVE-2008-6679
Phase Assigned(20090408)

Description

Buffer overflow in the BaseFont writer module in Ghostscript 8.62, and possibly other versions, allows remote attackers to cause a denial of service (ps2pdf crash) and possibly execute arbitrary code via a crafted Postscript file.

References

Source Reference
BUGTRAQ 20090417 rPSA-2009-0060-1 ghostscript
MLIST [oss-security] 20090401 CVE request -- ghostscript
CONFIRM http://bugs.ghostscript.com/show_bug.cgi?id=690211
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=493445
CONFIRM http://wiki.rpath.com/Advisories:rPSA-2009-0060
FEDORA FEDORA-2009-3709
FEDORA FEDORA-2009-3710
MANDRIVA MDVSA-2009:095
REDHAT RHSA-2009:0421
SUNALERT 262288
SUSE SUSE-SR:2009:011
UBUNTU USN-757-1
OVAL oval:org.mitre.oval:def:10019
SECUNIA 34732
SECUNIA 34729
SECUNIA 34667
SECUNIA 35416
SECUNIA 35559
SECUNIA 35569
VUPEN ADV-2009-1708

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.