CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
95.7%
Heap-based buffer overflow in the big2_decode_symbol_dict function
(jbig2_symbol_dict.c) in the JBIG2 decoding library (jbig2dec) in
Ghostscript 8.64, and probably earlier versions, allows remote attackers to
execute arbitrary code via a PDF file with a JBIG2 symbol dictionary
segment with a large run length value.
Author | Note |
---|---|
mdeslaur | Secunia advisory SA34292 |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 8.04 | noarch | ghostscript | <Β 8.61.dfsg.1-1ubuntu3.2 | UNKNOWN |
ubuntu | 8.10 | noarch | ghostscript | <Β 8.63.dfsg.1-0ubuntu6.4 | UNKNOWN |
ubuntu | 9.04 | noarch | ghostscript | <Β 8.64.dfsg.1-0ubuntu8 | UNKNOWN |
ubuntu | 9.10 | noarch | ghostscript | <Β 8.64.dfsg.1-0ubuntu8 | UNKNOWN |
ubuntu | 6.06 | noarch | gs-esp | <Β 8.15.2.dfsg.0ubuntu1-0ubuntu1.2 | UNKNOWN |
ubuntu | 6.06 | noarch | gs-gpl | <Β 8.15-4ubuntu3.3 | UNKNOWN |