Short Name |
HTTP:STC:DL:GHOSTSCRIPT-PS-BOF
|
Severity |
High
|
Recommended |
No
|
Recommended Action |
Drop
|
Category |
HTTP
|
Keywords |
Ghostscript PostScript Identifier Stack Buffer Overflow
|
Release Date |
2012/11/05
|
Update Number |
2200
|
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+
|
HTTP: Ghostscript PostScript Identifier Stack Buffer Overflow
This signature detects attempts to exploit a known vulnerability against Ghostscript PostScript. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the affected application.
Extended Description
Ghostscript is prone to a remote stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it into a finite-sized buffer.
Successful exploits may allow remote attackers to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.
Ghostscript 8.64 and 8.70 are vulnerable; other versions may also be affected.
Affected Products
- Debian Linux 5.0
- Debian Linux 5.0 Alpha
- Debian Linux 5.0 Amd64
- Debian Linux 5.0 Arm
- Debian Linux 5.0 Armel
- Debian Linux 5.0 Hppa
- Debian Linux 5.0 Ia-32
- Debian Linux 5.0 Ia-64
- Debian Linux 5.0 M68k
- Debian Linux 5.0 Mips
- Debian Linux 5.0 Mipsel
- Debian Linux 5.0 Powerpc
- Debian Linux 5.0 S/390
- Debian Linux 5.0 Sparc
- Ghostscript 8.64
- Ghostscript 8.70
- Mandriva Corporate Server 4.0
- Mandriva Corporate Server 4.0.0 X86 64
- Mandriva Enterprise Server 5
- Mandriva Enterprise Server 5 X86 64
- Mandriva Linux Mandrake 2008.0
- Mandriva Linux Mandrake 2008.0 X86 64
- Mandriva Linux Mandrake 2009.0
- Mandriva Linux Mandrake 2009.0 X86 64
- Mandriva Linux Mandrake 2009.1
- Mandriva Linux Mandrake 2009.1 X86 64
- Mandriva Linux Mandrake 2010.0
- Mandriva Linux Mandrake 2010.0 X86 64
- SuSE Linux 11
- SuSE openSUSE 11.0
- SuSE openSUSE 11.1
- SuSE openSUSE 11.2
- SuSE openSUSE 11.3
- SuSE SUSE Linux Enterprise 11
- SuSE SUSE Linux Enterprise 11 SP1
- SuSE SUSE Linux Enterprise Desktop 11
- SuSE SUSE Linux Enterprise Desktop 11 SP1
- SuSE SUSE Linux Enterprise Server 11
- SuSE SUSE Linux Enterprise Server 11 SP1
- Ubuntu Ubuntu Linux 10.04 Amd64
- Ubuntu Ubuntu Linux 10.04 I386
- Ubuntu Ubuntu Linux 10.04 Powerpc
- Ubuntu Ubuntu Linux 10.04 Sparc
- Ubuntu Ubuntu Linux 8.04 LTS Amd64
- Ubuntu Ubuntu Linux 8.04 LTS I386
- Ubuntu Ubuntu Linux 8.04 LTS Lpia
- Ubuntu Ubuntu Linux 8.04 LTS Powerpc
- Ubuntu Ubuntu Linux 8.04 LTS Sparc
- Ubuntu Ubuntu Linux 9.04 Amd64
- Ubuntu Ubuntu Linux 9.04 I386
- Ubuntu Ubuntu Linux 9.04 Lpia
- Ubuntu Ubuntu Linux 9.04 Powerpc
- Ubuntu Ubuntu Linux 9.04 Sparc
- Ubuntu Ubuntu Linux 9.10 Amd64
- Ubuntu Ubuntu Linux 9.10 I386
- Ubuntu Ubuntu Linux 9.10 Lpia
- Ubuntu Ubuntu Linux 9.10 Powerpc
- Ubuntu Ubuntu Linux 9.10 Sparc
References