FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
ca8e56d5-e856-11dc-b5af-0017319806e7ghostscript -- zseticcspace() function buffer overflow vulnerability

Chris Evans from the Google Security Team reports:

Severity: parsing of evil PostScript file will result in arbitrary code execution.

A stack-based buffer overflow in the zseticcspace() function in zicc.c allows remote arbitrary code execution via a malicious PostScript file (.ps) that contains a long Range array.


Discovery 2008-02-28
Entry 2008-03-05
ghostscript-gpl
ghostscript-gpl-nox11
< 8.61_2

28017
CVE-2008-0411
http://scary.beasts.org/security/CESA-2008-001.html