CVE-2008-6679Improper Restriction of Operations within the Bounds of a Memory Buffer in Ghostscript

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer10 documents8 sources
Severity
5.0MEDIUMNVD
EPSS
6.1%
top 9.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Artifex GhostscriptGhostscript
Timeline
PublishedApr 8
Latest updateMay 14

Description

Buffer overflow in the BaseFont writer module in Ghostscript 8.62, and possibly other versions, allows remote attackers to cause a denial of service (ps2pdf crash) and possibly execute arbitrary code via a crafted Postscript file.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

Debianartifex/ghostscript< 8.64~dfsg-1+3

🔴Vulnerability Details

3
GHSA
GHSA-6p24-mjw7-mgwh: Buffer overflow in the BaseFont writer module in Ghostscript 82022-05-14
OSV
CVE-2008-6679: Buffer overflow in the BaseFont writer module in Ghostscript 82009-04-08
CVEList
CVE-2008-6679: Buffer overflow in the BaseFont writer module in Ghostscript 82009-04-08

📋Vendor Advisories

3
Ubuntu
Ghostscript vulnerabilities2009-04-15
Red Hat
ghostscript: Buffer overflow in BaseFont writer module for pdfwrite device2008-12-22
Debian
CVE-2008-6679: ghostscript - Buffer overflow in the BaseFont writer module in Ghostscript 8.62, and possibly ...2008

💬Community

3
Bugzilla
CVE-2008-6679 CVE-2009-0196 CVE-2009-0792 ghostscript various flaws [F10]2009-04-15
Bugzilla
CVE-2008-6679 CVE-2009-0196 CVE-2009-0792 ghostscript various flaws [F9]2009-04-15
Bugzilla
CVE-2008-6679 ghostscript: Buffer overflow in BaseFont writer module for pdfwrite device2009-04-01
CVE-2008-6679 — Ghostscript vulnerability | cvebase