Heap-Based Buffer Overflow in Ghostscript Affects User Processing
CVE-2012-4875

Currently unrated

Key Information:

Vendor

Artifex
Status
Gpl Ghostscript
Vendor
CVE Published:
6 September 2012

What is CVE-2012-4875?

A weakness in the Ghostscript software, specifically in the handling of the OutputFile device parameter, allows for heap-based buffer overflow. This vulnerability could be exploited by attackers when a user processes a maliciously crafted PostScript document that contains an excessively long file name. Successful exploitation may lead to arbitrary code execution on the affected system. This emphasizes the importance of keeping software up-to-date and verifying the sources of documents to mitigate potential security risks.

References

http://secunia.com/advisories/47855
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/52864
vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/74554
vdb-entryx_refsource_XF

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.