FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

ghostscript -- zseticcspace() function buffer overflow vulnerability

Affected packages
ghostscript-gpl < 8.61_2
ghostscript-gpl-nox11 < 8.61_2

Details

VuXML ID ca8e56d5-e856-11dc-b5af-0017319806e7
Discovery 2008-02-28
Entry 2008-03-05

Chris Evans from the Google Security Team reports:

Severity: parsing of evil PostScript file will result in arbitrary code execution.

A stack-based buffer overflow in the zseticcspace() function in zicc.c allows remote arbitrary code execution via a malicious PostScript file (.ps) that contains a long Range array.

References

Bugtraq ID 28017
CVE Name CVE-2008-0411
URL http://scary.beasts.org/security/CESA-2008-001.html