Ghostscript is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it into a finite-sized buffer.
Exploiting this issue allows remote attackers to overwrite a sensitive memory buffer with arbitrary data, potentially allowing them to execute malicious machine code in the context of the affected application. A successful exploit may facilitate the compromise of the affected computer.
Ghostscript 8.64 and 8.70 are affected; other versions may be vulnerable as well.
No comments:
Post a Comment