Description
Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.
Published: 2008-02-28
Score: 6.8 Medium
EPSS: 15.3% Moderate
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-1510-1 New ghostscript packages fix arbitrary code execution
Ubuntu USN Ubuntu USN USN-599-1 Ghostscript vulnerability
History

No history.

Subscriptions

Debian Debian Linux
Ghostscript Ghostscript
Mandrakesoft Mandrake Linux Mandrake Linux Corporate Server Mandrakesoft Corporate Server
Redhat Desktop Enterprise Linux Enterprise Linux Desktop Enterprise Linux Desktop Workstation
Rpath Rpath Linux
Suse Novell Linux Pos Open Suse Suse Linux Suse Open Enterprise Server
cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2024-08-07T07:46:54.069Z

Reserved: 2008-01-23T00:00:00.000Z

Link: CVE-2008-0411

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2008-02-28T21:44:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2008-0411

cve-icon Redhat

Severity : Important

Publid Date: 2008-02-27T00:00:00Z

Links: CVE-2008-0411 - Bugzilla

cve-icon OpenCVE Enrichment

No data.

Weaknesses