Test Kennung:	1.3.6.1.4.1.25623.1.0.801411
Kategorie:	Buffer overflow
Titel:	Ghostscript 'iscan.c' PDF Handling Remote Buffer Overflow Vulnerability
Zusammenfassung:	Ghostscript is prone to a buffer overflow vulnerability.
Beschreibung:	Summary: Ghostscript is prone to a buffer overflow vulnerability. Vulnerability Insight: The flaw is due to improper bounds checking by 'iscan.c' when processing malicious 'PDF' files, which leads to open a specially-crafted PDF file. Vulnerability Impact: Successful exploitation allows the attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document containing a long name. Affected Software/OS: Ghostscript version 8.64 and prior Solution: Upgrade to Ghostscript version 8.71 or later. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-4897 40580 http://secunia.com/advisories/40580 41593 http://www.securityfocus.com/bid/41593 66277 http://www.osvdb.org/66277 GLSA-201412-17 http://security.gentoo.org/glsa/glsa-201412-17.xml MDVSA-2010:134 http://www.mandriva.com/security/advisories?name=MDVSA-2010:134 MDVSA-2010:135 http://www.mandriva.com/security/advisories?name=MDVSA-2010:135 USN-961-1 http://www.ubuntu.com/usn/USN-961-1 ghostscript-iscan-bo(60380) https://exchange.xforce.ibmcloud.com/vulnerabilities/60380 http://bugs.ghostscript.com/show_bug.cgi?id=690523 https://bugzilla.redhat.com/show_bug.cgi?id=613792
Copyright	Copyright (C) 2010 Greenbone Networks GmbH

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.