Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveRedhatCVE-2009-4270
HistoryDec 21, 2009 - 4:30 p.m.

CVE-2009-4270

2009-12-2116:30:00
CWE-119
redhat
web.nvd.nist.gov
42
cve-2009-4270
buffer overflow
ghostscript
denial of service
remote code execution
pdf
nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.025

Percentile

90.3%

JSON

Stack-based buffer overflow in the errprintf function in base/gsmisc.c in ghostscript 8.64 through 8.70 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file, as originally reported for debug logging code in gdevcups.c in the CUPS output driver.

Affected configurations

Nvd
Node
ghostscriptghostscriptMatch8.64
OR
ghostscriptghostscriptMatch8.70
VendorProductVersionCPE
ghostscriptghostscript8.64cpe:/a:ghostscript:ghostscript:8.64:::
ghostscriptghostscript8.70cpe:/a:ghostscript:ghostscript:8.70:::

Related

cvelist 1
ubuntucve 1
seebug 1
prion 1
redhatcve 1
debiancve 1
nvd 1
openvas 15
fedora 2
nessus 8
ubuntu 1
osv 1
debian 1
gentoo 1
cvelist
cvelist
CVE-2009-4270
2009-12-21 16:00:00
ubuntucve
ubuntucve
CVE-2009-4270
2009-12-21 00:00:00
seebug
seebug
Ghostscript errprintf()函数PDFζ–‡δ»Άε€„η†ζ ˆζΊ’ε‡ΊζΌζ΄ž
2009-12-23 00:00:00
prion
prion
Stack overflow
2009-12-21 16:30:00
redhatcve
redhatcve
CVE-2009-4270
2015-10-30 10:23:19
debiancve
debiancve
CVE-2009-4270
2009-12-21 16:30:00
nvd
nvd
CVE-2009-4270
2009-12-21 16:30:00
openvas
openvas
Mandriva Update for ghostscript MDVSA-2010:134 (ghostscript)
2010-07-16 00:00:00
Mandriva Update for ghostscript MDVSA-2010:134 (ghostscript)
2010-07-16 00:00:00
Fedora Update for ghostscript FEDORA-2010-11376
2010-08-20 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: ghostscript-8.71-7.fc12
2010-08-17 05:44:47
[SECURITY] Fedora 12 Update: ghostscript-8.71-16.fc12
2010-10-14 23:02:13
nessus
nessus
Mandriva Linux Security Advisory : ghostscript (MDVSA-2010:134)
2010-07-30 00:00:00
Ubuntu 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : ghostscript vulnerabilities (USN-961-1)
2010-07-14 00:00:00
openSUSE Security Update : ghostscript-devel (openSUSE-SU-2010:0425-1)
2010-07-23 00:00:00
ubuntu
ubuntu
Ghostscript vulnerabilities
2010-07-13 00:00:00
osv
osv
ghostscript - several vulnerabilities
2010-08-01 00:00:00
debian
debian
[SECURITY] [DSA 2080-1] New ghostscript packages fix several vulnerabilities
2010-08-01 01:24:55
gentoo
gentoo
GPL Ghostscript: Multiple vulnerabilities
2014-12-13 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.025

Percentile

90.3%

JSON
Related for CVE-2009-4270
cvelist1ubuntucve1seebug1prion1redhatcve1debiancve1nvd1openvas15fedora2nessus8ubuntu1osv1debian1gentoo1