Heap-based buffer overflow in gdevwpr2.c in Ghostscript 9.04, when processing the OutputFile device parameter, allows user-assisted remote attackers to execute arbitrary code via a long file name in a PostScript document. NOTE: as of 20120314, the developer was not able to reproduce the issue and disputed it
References
Configurations
History
21 Nov 2024, 01:43
Type | Values Removed | Values Added |
---|---|---|
References | () http://bugs.ghostscript.com/show_bug.cgi?id=692856 - | |
References | () http://secunia.com/advisories/47855 - Vendor Advisory | |
References | () http://www.securityfocus.com/bid/52864 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/74554 - |
07 Nov 2023, 02:12
Type | Values Removed | Values Added |
---|---|---|
Summary | Heap-based buffer overflow in gdevwpr2.c in Ghostscript 9.04, when processing the OutputFile device parameter, allows user-assisted remote attackers to execute arbitrary code via a long file name in a PostScript document. NOTE: as of 20120314, the developer was not able to reproduce the issue and disputed it |
Information
Published : 2012-09-06 21:55
Updated : 2024-11-21 01:43
NVD link : CVE-2012-4875
Mitre link : CVE-2012-4875
CVE.ORG link : CVE-2012-4875
JSON object : View
Products Affected
artifex
- gpl_ghostscript
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer