Lucene search
DebianDEBIAN:DLA-280-1:1A170HistoryJul 25, 2015 - 2:16 p.m.
[SECURITY] [DLA 280-1] ghostscript security update
2015-07-2514:16:28
lists.debian.org
15
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.8
Confidence
High
EPSS
0.014
Percentile
86.5%
Package : ghostscript
Version : 8.71~dfsg2-9+squeeze2
CVE ID : CVE-2015-3228
Debian Bug : 793489
In gs_heap_alloc_bytes(), add a sanity check to ensure we don't
overflow the variable holding the actual number of bytes we
allocate.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 8 | i386 | ghostscript-x | < 9.06~dfsg-2+deb8u1 | ghostscript-x_9.06~dfsg-2+deb8u1_i386.deb |
| Debian | 6 | all | gs-esp | < 8.71~dfsg2-9+squeeze2 | gs-esp_8.71~dfsg2-9+squeeze2_all.deb |
| Debian | 8 | amd64 | ghostscript | < 9.06~dfsg-2+deb8u1 | ghostscript_9.06~dfsg-2+deb8u1_amd64.deb |
| Debian | 7 | kfreebsd-i386 | ghostscript | < 9.05~dfsg-6.3+deb7u2 | ghostscript_9.05~dfsg-6.3+deb7u2_kfreebsd-i386.deb |
| Debian | 8 | powerpc | libgs9 | < 9.06~dfsg-2+deb8u1 | libgs9_9.06~dfsg-2+deb8u1_powerpc.deb |
| Debian | 8 | s390x | libgs9 | < 9.06~dfsg-2+deb8u1 | libgs9_9.06~dfsg-2+deb8u1_s390x.deb |
| Debian | 7 | i386 | ghostscript-dbg | < 9.05~dfsg-6.3+deb7u2 | ghostscript-dbg_9.05~dfsg-6.3+deb7u2_i386.deb |
| Debian | 8 | powerpc | ghostscript-x | < 9.06~dfsg-2+deb8u1 | ghostscript-x_9.06~dfsg-2+deb8u1_powerpc.deb |
| Debian | 8 | amd64 | libgs9 | < 9.06~dfsg-2+deb8u1 | libgs9_9.06~dfsg-2+deb8u1_amd64.deb |
| Debian | 8 | s390x | ghostscript | < 9.06~dfsg-2+deb8u1 | ghostscript_9.06~dfsg-2+deb8u1_s390x.deb |
Related
ubuntucve
ubuntucve
CVE-2015-3228
2015-07-24 00:00:00
debian
debian
[SECURITY] [DSA 3326-1] ghostscript security update
2015-08-02 12:43:48
[SECURITY] [DSA 3326-1] ghostscript security update
2015-08-02 12:43:48
securityvulns
securityvulns
[USN-2697-1] Ghostscript vulnerability
2015-08-03 00:00:00
ghostscript memory corruption
2015-08-03 00:00:00
cve
cve
CVE-2015-3228
2015-08-11 14:59:02
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2016:0884-1)
2021-04-19 00:00:00
Ubuntu: Security Advisory (USN-2697-1)
2015-07-31 00:00:00
Debian Security Advisory DSA 3326-1 (ghostscript - security update)
2015-08-02 00:00:00
osv
osv
ghostscript - security update
2015-07-25 00:00:00
ghostscript - security update
2015-08-02 00:00:00
nessus
nessus
debiancve
debiancve
CVE-2015-3228
2015-08-11 14:59:02
gentoo
gentoo
GPL Ghostscript: User-assisted execution of arbitrary code
2016-12-13 00:00:00
prion
prion
Integer overflow
2015-08-11 14:59:00
nvd
nvd
CVE-2015-3228
2015-08-11 14:59:02
ubuntu
ubuntu
Ghostscript vulnerability
2015-07-30 00:00:00
mageia
mageia
Updated ghostscript package fixes security vulnerability
2015-08-10 17:31:41
cvelist
cvelist
CVE-2015-3228
2015-08-11 14:00:00
freebsd
freebsd
ghostscript -- denial of service (crash) via crafted Postscript files
2015-06-17 00:00:00
suse
suse
Security update for ghostscript-library (important)
2016-10-11 18:09:48
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.8
Confidence
High
EPSS
0.014
Percentile
86.5%
Related for DEBIAN:DLA-280-1:1A170