Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2010-1628

Ghostscript 8.64, 8.70, and possibly other versions allows context-dependent attackers to execute arbitrary code via a PostScript file containing unlimited recursive procedure invocations, which trigger memory corruption in the stack of the interpreter.

Related bugs and status

CVE-2010-1628 (Candidate) is related to these bugs:

Bug #546009: Multiple memory corruption vulnerabilities in Ghostscript

Summary				In	Importance	Status
	546009	Multiple memory corruption vulnerabilities in Ghostscript		ghostscript (Ubuntu)	Medium	Fix Released
	546009	Multiple memory corruption vulnerabilities in Ghostscript		GS-GPL	Critical	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://bugs.ghostscrip...
MISC: https://bugs.launchpad...
MISC: http://seclists.org/fu...
MISC: http://www.securityfoc...
MISC: http://secunia.com/adv...
MISC: http://www.securityfoc...
MISC: http://secunia.com/adv...
MISC: http://www.vupen.com/e...
MISC: http://security.gentoo...
MISC: http://www.mandriva.co...
MISC: http://lists.opensuse....
MISC: http://www.ubuntu.com/...
MISC: http://www.openwall.co...
MISC: http://www.openwall.co...