Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:STC:DL:GHOSTSCRIPT-PS-BOF

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Ghostscript PostScript Identifier Stack Buffer Overflow

Release Date

 2012/11/05

Update Number

 2200

Supported Platforms

 idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Ghostscript PostScript Identifier Stack Buffer Overflow


This signature detects attempts to exploit a known vulnerability against Ghostscript PostScript. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the affected application.

Extended Description

Ghostscript is prone to a remote stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it into a finite-sized buffer. Successful exploits may allow remote attackers to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. Ghostscript 8.64 and 8.70 are vulnerable; other versions may also be affected.

Affected Products

  • Debian Linux 5.0
  • Debian Linux 5.0 Alpha
  • Debian Linux 5.0 Amd64
  • Debian Linux 5.0 Arm
  • Debian Linux 5.0 Armel
  • Debian Linux 5.0 Hppa
  • Debian Linux 5.0 Ia-32
  • Debian Linux 5.0 Ia-64
  • Debian Linux 5.0 M68k
  • Debian Linux 5.0 Mips
  • Debian Linux 5.0 Mipsel
  • Debian Linux 5.0 Powerpc
  • Debian Linux 5.0 S/390
  • Debian Linux 5.0 Sparc
  • Ghostscript 8.64
  • Ghostscript 8.70
  • Mandriva Corporate Server 4.0
  • Mandriva Corporate Server 4.0.0 X86 64
  • Mandriva Enterprise Server 5
  • Mandriva Enterprise Server 5 X86 64
  • Mandriva Linux Mandrake 2008.0
  • Mandriva Linux Mandrake 2008.0 X86 64
  • Mandriva Linux Mandrake 2009.0
  • Mandriva Linux Mandrake 2009.0 X86 64
  • Mandriva Linux Mandrake 2009.1
  • Mandriva Linux Mandrake 2009.1 X86 64
  • Mandriva Linux Mandrake 2010.0
  • Mandriva Linux Mandrake 2010.0 X86 64
  • SuSE Linux 11
  • SuSE openSUSE 11.0
  • SuSE openSUSE 11.1
  • SuSE openSUSE 11.2
  • SuSE openSUSE 11.3
  • SuSE SUSE Linux Enterprise 11
  • SuSE SUSE Linux Enterprise 11 SP1
  • SuSE SUSE Linux Enterprise Desktop 11
  • SuSE SUSE Linux Enterprise Desktop 11 SP1
  • SuSE SUSE Linux Enterprise Server 11
  • SuSE SUSE Linux Enterprise Server 11 SP1
  • Ubuntu Ubuntu Linux 10.04 Amd64
  • Ubuntu Ubuntu Linux 10.04 I386
  • Ubuntu Ubuntu Linux 10.04 Powerpc
  • Ubuntu Ubuntu Linux 10.04 Sparc
  • Ubuntu Ubuntu Linux 8.04 LTS Amd64
  • Ubuntu Ubuntu Linux 8.04 LTS I386
  • Ubuntu Ubuntu Linux 8.04 LTS Lpia
  • Ubuntu Ubuntu Linux 8.04 LTS Powerpc
  • Ubuntu Ubuntu Linux 8.04 LTS Sparc
  • Ubuntu Ubuntu Linux 9.04 Amd64
  • Ubuntu Ubuntu Linux 9.04 I386
  • Ubuntu Ubuntu Linux 9.04 Lpia
  • Ubuntu Ubuntu Linux 9.04 Powerpc
  • Ubuntu Ubuntu Linux 9.04 Sparc
  • Ubuntu Ubuntu Linux 9.10 Amd64
  • Ubuntu Ubuntu Linux 9.10 I386
  • Ubuntu Ubuntu Linux 9.10 Lpia
  • Ubuntu Ubuntu Linux 9.10 Powerpc
  • Ubuntu Ubuntu Linux 9.10 Sparc

References

  • BugTraq: 40103
  • CVE: CVE-2010-1869

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out