Launchpad.net

CVE 2007-6725

The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file that triggers a buffer underflow in the cf_decode_2d function.

Related bugs and status

CVE-2007-6725 (Candidate) is related to these bugs:

Bug #352920: Update ghostscript to version 8.61.dfsg.1-1ubuntu3.2

Summary				In	Importance	Status
	352920	Update ghostscript to version 8.61.dfsg.1-1ubuntu3.2		The Dell Mini Project	Undecided	Confirmed

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2009040...
CONFIRM: https://bugzilla.redha...
CONFIRM: https://bugzilla.redha...
FEDORA: FEDORA-2008-5699
REDHAT: RHSA-2009:0420
BID: 34337
SECUNIA: 34726
REDHAT: RHSA-2009:0421
SECUNIA: 34732
CONFIRM: http://wiki.rpath.com/...
SECUNIA: 34729
MANDRIVA: MDVSA-2009:095
MANDRIVA: MDVSA-2009:096
CONFIRM: http://support.avaya.c...
SUSE: SUSE-SR:2009:011
SECUNIA: 35416
SUNALERT: 262288
SECUNIA: 35559
SECUNIA: 35569
VUPEN: ADV-2009-1708
OVAL: oval:org.mitre.oval:de...
UBUNTU: USN-757-1
BUGTRAQ: 20090417 rPSA-2009-006...