CVE-2008-0411
EPSS 15.3%gs-esp gs-gpl - arbitrary code execution
發布日:2008/2/28修改日:2026/4/28
描述
Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.
受影響套件(3)
- Debian/ghostscriptfrom 0, < 8.61.dfsg.1-1.1
- Debian/gs-espfrom 0, < 7.07.1-9sarge1
- Debian/gs-gplfrom 0, < 8.01-6