Denial of Service Vulnerability in Ghostscript Product
CVE-2010-4054

Currently unrated

Key Information:

Vendor: Artifex
Status: Gpl Ghostscript; Afpl Ghostscript; Ghostscript Fonts
Vendor: CVE Published:; 23 October 2010

Summary

The gs_type2_interpret function in Ghostscript can be exploited by remote attackers, leading to a denial of service condition. Attackers can manipulate font data within a compressed data stream to cause the application to crash due to incorrect pointer dereferencing. This vulnerability highlights the importance of secure handling of font data, as it poses a risk to system stability and availability.

References

https://rhn.redhat.com/errata/RHSA-2012-0095.html

vendor-advisoryx_refsource_REDHAT

http://security.gentoo.org/glsa/glsa-201412-17.xml

vendor-advisoryx_refsource_GENTOO

http://rhn.redhat.com/errata/RHSA-2012-0096.html

vendor-advisoryx_refsource_REDHAT

Timeline

Vulnerability published
Oct 23, 2010
Vulnerability Reserved
Oct 22, 2010