Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6725

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-6725
Last Modified 21 Aug 2010 01:15:03
Published 08 Apr 2009 12:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6725

Summary

The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file that triggers a buffer underflow in the cf_decode_2d function.

Vulnerable Systems

Application

  • Ghostscript 8.61


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=493442

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=229174

VUPEN - ADV-2009-1708

UBUNTU - USN-757-1

BID - 34337

BUGTRAQ - 20090417 rPSA-2009-0060-1 ghostscript

REDHAT - RHSA-2009:0421

REDHAT - RHSA-2009:0420

MLIST - [oss-security] 20090401 CVE request -- ghostscript

MANDRIVA - MDVSA-2009:096

MANDRIVA - MDVSA-2009:095

FEDORA - FEDORA-2008-5699

CONFIRM - http://wiki.rpath.com/Advisories:rPSA-2009-0060

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2009-155.htm

SUNALERT - 262288

SECUNIA - 35569

SECUNIA - 35559

SECUNIA - 35416

SECUNIA - 34732

SECUNIA - 34729

SECUNIA - 34726

SUSE - SUSE-SR:2009:011

Related Patches

Novell SUSE 2009:6245 ghostscript-fonts-other security update for SLE 10 SP2 i586


Last Updated: 27 May 2016 10:46:36