espgs/ghostscript

— filed under: Security

Description

Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.

New package is available for VectorLinux 5.9, we recommend to upgrade the espgs package to the latest in the testing repository.

Document Actions

Send this
Print this

Powered by Plone
Valid XHTML
Valid CSS
Section 508
WCAG