In association with heise online

11 March 2008, 10:52

Flaw in Ghostscript allows malicious code to be injected

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Chris Evans of Google has discovered a security vulnerability in Ghostscript that allows attackers to inject and execute arbitrary program code using manipulated PostScript files.

According to Evans' security advisory, the length value in the zseticcspace() function within PostScript files is not properly checked. Attackers can therefore set arbitrary values for the length of an array, and Ghostscript will attempt to use them. As a result, a stack-based buffer overflow can occur and injected code can be executed.

The flaw affects Ghostscript 8.61 and possibly previous versions. The developers of Ghostscript have released version 8.62, which remedies the flaw. Linux distributors are also now distributing updated packages. Administrators of vulnerable systems are advised to install the updates as soon as possible.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit