Integer Overflow Vulnerability in Ghostscript by Artifex Software
CVE-2015-3228

Currently unrated

Key Information:

Vendor

Artifex
Status
Afpl Ghostscript
Vendor
CVE Published:
11 August 2015

What is CVE-2015-3228?

An integer overflow vulnerability exists in the gs_heap_alloc_bytes function located in base/gsmalloc.c of Ghostscript versions 9.15 and earlier. This flaw allows remote attackers to exploit crafted Postscript (ps) files, leading to denial of service through crashes caused by out-of-bounds read or write operations. It is essential for users of Ghostscript to apply available patches and updates to mitigate the risk associated with this vulnerability. Proper validation of input files is crucial to prevent exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.debian.org/security/2015/dsa-3326
vendor-advisoryx_refsource_DEBIAN
http://bugs.ghostscript.com/show_bug.cgi?id=696070
x_refsource_CONFIRM
http://www.securitytracker.com/id/1033149
vdb-entryx_refsource_SECTRACK

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.