Buffer Overflow Vulnerability in GhostScript Products by Artifex Software
CVE-2010-1869

Currently unrated

Key Information:

Vendor: Artifex
Status: Gpl Ghostscript
Vendor: CVE Published:; 12 May 2010

What is CVE-2010-1869?

In GhostScript versions 8.70 and 8.64, a stack-based buffer overflow vulnerability exists within the parser function. This weakness can be exploited by attackers to execute arbitrary code through the use of crafted PostScript files, posing significant security risks to systems utilizing affected versions of GhostScript.

References

http://www.vupen.com/english/advisories/2010/1195

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/39753

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2010/1138

vdb-entryx_refsource_VUPEN

EPSS Score

26% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2010
Vulnerability Reserved
May 10, 2010