Heap-Based Buffer Overflow in Ghostscript Affects User Processing
CVE-2012-4875

Currently unrated

Key Information:

Vendor

Artifex

Vendor
CVE Published:
6 September 2012

What is CVE-2012-4875?

A weakness in the Ghostscript software, specifically in the handling of the OutputFile device parameter, allows for heap-based buffer overflow. This vulnerability could be exploited by attackers when a user processes a maliciously crafted PostScript document that contains an excessively long file name. Successful exploitation may lead to arbitrary code execution on the affected system. This emphasizes the importance of keeping software up-to-date and verifying the sources of documents to mitigate potential security risks.

References

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.