ID CVE-2010-2055
Summary Ghostscript 8.71 and earlier reads initialization files from the current working directory, which allows local users to execute arbitrary PostScript commands via a Trojan horse file, related to improper support for the -P- option to the gs program, as demonstrated using gs_init.ps, a different vulnerability than CVE-2010-4820.
References
Vulnerable Configurations
  • Artifex AFPL Ghostscript 7.04
    cpe:2.3:a:artifex:afpl_ghostscript:7.04
  • Artifex AFPL Ghostscript 7.03
    cpe:2.3:a:artifex:afpl_ghostscript:7.03
  • Artifex AFPL Ghostscript 7.00
    cpe:2.3:a:artifex:afpl_ghostscript:7.00
  • Artifex AFPL Ghostscript 6.50
    cpe:2.3:a:artifex:afpl_ghostscript:6.50
  • Artifex AFPL Ghostscript 6.01
    cpe:2.3:a:artifex:afpl_ghostscript:6.01
  • Artifex AFPL Ghostscript 6.0
    cpe:2.3:a:artifex:afpl_ghostscript:6.0
  • Artifex GPL Ghostscript 8.64
    cpe:2.3:a:artifex:gpl_ghostscript:8.64
  • Artifex AFPL Ghostscript 8.52
    cpe:2.3:a:artifex:afpl_ghostscript:8.52
  • Artifex AFPL Ghostscript 8.51
    cpe:2.3:a:artifex:afpl_ghostscript:8.51
  • Artifex AFPL Ghostscript 8.50
    cpe:2.3:a:artifex:afpl_ghostscript:8.50
  • Artifex AFPL Ghostscript 8.14
    cpe:2.3:a:artifex:afpl_ghostscript:8.14
  • Artifex AFPL Ghostscript 8.13
    cpe:2.3:a:artifex:afpl_ghostscript:8.13
  • Artifex AFPL Ghostscript 8.12
    cpe:2.3:a:artifex:afpl_ghostscript:8.12
  • Artifex AFPL Ghostscript 8.11
    cpe:2.3:a:artifex:afpl_ghostscript:8.11
  • Artifex AFPL Ghostscript 8.00
    cpe:2.3:a:artifex:afpl_ghostscript:8.00
  • Artifex GPL Ghostscript 8.15
    cpe:2.3:a:artifex:gpl_ghostscript:8.15
  • Artifex GPL Ghostscript 8.50
    cpe:2.3:a:artifex:gpl_ghostscript:8.50
  • Artifex Ghostscript Fonts 8.11
    cpe:2.3:a:artifex:ghostscript_fonts:8.11
  • Artifex GPL Ghostscript 8.01
    cpe:2.3:a:artifex:gpl_ghostscript:8.01
  • Artifex Ghostscript Fonts 6.0
    cpe:2.3:a:artifex:ghostscript_fonts:6.0
  • Artifex GPL Ghostscript 8.62
    cpe:2.3:a:artifex:gpl_ghostscript:8.62
  • Artifex GPL Ghostscript 8.63
    cpe:2.3:a:artifex:gpl_ghostscript:8.63
  • Artifex GPL Ghostscript 8.60
    cpe:2.3:a:artifex:gpl_ghostscript:8.60
  • Artifex GPL Ghostscript 8.61
    cpe:2.3:a:artifex:gpl_ghostscript:8.61
  • Artifex GPL Ghostscript 8.56
    cpe:2.3:a:artifex:gpl_ghostscript:8.56
  • Artifex GPL Ghostscript 8.57
    cpe:2.3:a:artifex:gpl_ghostscript:8.57
  • Artifex GPL Ghostscript 8.51
    cpe:2.3:a:artifex:gpl_ghostscript:8.51
  • Artifex GPL Ghostscript 8.54
    cpe:2.3:a:artifex:gpl_ghostscript:8.54
  • Artifex AFPL Ghostscript 8.53
    cpe:2.3:a:artifex:afpl_ghostscript:8.53
  • Artifex AFPL Ghostscript 8.54
    cpe:2.3:a:artifex:afpl_ghostscript:8.54
  • Artifex Gpl Ghostscript 8.71
    cpe:2.3:a:artifex:gpl_ghostscript:8.71
  • Artifex GPL Ghostscript 8.70
    cpe:2.3:a:artifex:gpl_ghostscript:8.70
CVSS
Base: 7.2 (as of 09-01-2015 - 13:33)
Impact:
Exploitability:
CWE CWE-17
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-14549.NASL
    description This package fixes a security problem (CVE-2010-2055) in ghostscript whereby gs uses the current working directory to look for certain types of system file. This has been fixed by changing the default behaviour. Additionally, several other bugs have been fixed: scripts defining GS_EXECUTABLE have been corrected; an epstopdf failure has been fixed; some crashes that could occur in some situations have been fixed; the Fontmap.local file is once again honoured. Further, the cups driver can now use automatic memory allocation. To enable this feature, put 'RIPCache auto' in /etc/cups/cupsd.conf. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 49937
    published 2010-10-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=49937
    title Fedora 14 : ghostscript-8.71-16.fc14 (2010-14549)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201412-17.NASL
    description The remote host is affected by the vulnerability described in GLSA-201412-17 (GPL Ghostscript: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in GPL Ghostscript. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker could entice a user to open a specially crafted PostScript file or PDF using GPL Ghostscript, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2016-11-11
    plugin id 79970
    published 2014-12-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79970
    title GLSA-201412-17 : GPL Ghostscript: Multiple vulnerabilities
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2012-42.NASL
    description An integer overflow flaw was found in Ghostscript's TrueType bytecode interpreter. An attacker could create a specially crafted PostScript or PDF file that, when interpreted, could cause Ghostscript to crash or, potentially, execute arbitrary code. (CVE-2009-3743) It was found that Ghostscript always tried to read Ghostscript system initialization files from the current working directory before checking other directories, even if a search path that did not contain the current working directory was specified with the '-I' option, or the '-P-' option was used (to prevent the current working directory being searched first). If a user ran Ghostscript in an attacker-controlled directory containing a system initialization file, it could cause Ghostscript to execute arbitrary PostScript code. (CVE-2010-2055) Ghostscript included the current working directory in its library search path by default. If a user ran Ghostscript without the '-P-' option in an attacker-controlled directory containing a specially crafted PostScript library file, it could cause Ghostscript to execute arbitrary PostScript code. With this update, Ghostscript no longer searches the current working directory for library files by default. (CVE-2010-4820) Note: The fix for CVE-2010-4820 could possibly break existing configurations. To use the previous, vulnerable behavior, run Ghostscript with the '-P' option (to always search the current working directory first). A flaw was found in the way Ghostscript interpreted PostScript Type 1 and PostScript Type 2 font files. An attacker could create a specially crafted PostScript Type 1 or PostScript Type 2 font file that, when interpreted, could cause Ghostscript to crash or, potentially, execute arbitrary code. (CVE-2010-4054)
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 69649
    published 2013-09-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69649
    title Amazon Linux AMI : ghostscript (ALAS-2012-42)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_1_GHOSTSCRIPT-DEVEL-100712.NASL
    description Specially crafted postscript (.ps) files could cause buffer overflows in ghostscript that could potentially be exploited to execute arbitrary code (CVE-2010-1628, CVE-2010-1869, CVE-2009-4270) ghostscript by default read some initialization files from the current working directory. Local attackers could potentially exploit that to have other users execute arbitrary commands by placing such files e.g. in /tmp (CVE-2010-2055).
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 48233
    published 2010-08-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=48233
    title openSUSE Security Update : ghostscript-devel (openSUSE-SU-2010:0425-2)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20120202_GHOSTSCRIPT_ON_SL5_X.NASL
    description Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. An integer overflow flaw was found in Ghostscript's TrueType bytecode interpreter. An attacker could create a specially crafted PostScript or PDF file that, when interpreted, could cause Ghostscript to crash or, potentially, execute arbitrary code. (CVE-2009-3743) It was found that Ghostscript always tried to read Ghostscript system initialization files from the current working directory before checking other directories, even if a search path that did not contain the current working directory was specified with the '-I' option, or the '-P-' option was used (to prevent the current working directory being searched first). If a user ran Ghostscript in an attacker-controlled directory containing a system initialization file, it could cause Ghostscript to execute arbitrary PostScript code. (CVE-2010-2055) Ghostscript included the current working directory in its library search path by default. If a user ran Ghostscript without the '-P-' option in an attacker-controlled directory containing a specially crafted PostScript library file, it could cause Ghostscript to execute arbitrary PostScript code. With this update, Ghostscript no longer searches the current working directory for library files by default. (CVE-2010-4820) Note: The fix for CVE-2010-4820 could possibly break existing configurations. To use the previous, vulnerable behavior, run Ghostscript with the '-P' option (to always search the current working directory first). A flaw was found in the way Ghostscript interpreted PostScript Type 1 and PostScript Type 2 font files. An attacker could create a specially crafted PostScript Type 1 or PostScript Type 2 font file that, when interpreted, could cause Ghostscript to crash or, potentially, execute arbitrary code. (CVE-2010-4054) Users of Ghostscript are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 61236
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=61236
    title Scientific Linux Security Update : ghostscript on SL5.x, SL6.x i386/x86_64
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_3_GHOSTSCRIPT-DEVEL-100714.NASL
    description ghostscript by default read some initialization files from the current working directory. Local attackers could potentially exploit that to have other users execute arbitrary commands by placing such files e.g. in /tmp (CVE-2010-2055).
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 75512
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75512
    title openSUSE Security Update : ghostscript-devel (openSUSE-SU-2010:0451-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-10642.NASL
    description - Update to 3.7.1 to fix CVE-2010-2055 and CVE-2010-2056 - Disable international support to avoid segfault on exit Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 47685
    published 2010-07-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47685
    title Fedora 13 : gv-3.7.1-1.fc13 (2010-10642)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2012-0095.NASL
    description Updated ghostscript packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. An integer overflow flaw was found in Ghostscript's TrueType bytecode interpreter. An attacker could create a specially crafted PostScript or PDF file that, when interpreted, could cause Ghostscript to crash or, potentially, execute arbitrary code. (CVE-2009-3743) It was found that Ghostscript always tried to read Ghostscript system initialization files from the current working directory before checking other directories, even if a search path that did not contain the current working directory was specified with the '-I' option, or the '-P-' option was used (to prevent the current working directory being searched first). If a user ran Ghostscript in an attacker-controlled directory containing a system initialization file, it could cause Ghostscript to execute arbitrary PostScript code. (CVE-2010-2055) Ghostscript included the current working directory in its library search path by default. If a user ran Ghostscript without the '-P-' option in an attacker-controlled directory containing a specially crafted PostScript library file, it could cause Ghostscript to execute arbitrary PostScript code. With this update, Ghostscript no longer searches the current working directory for library files by default. (CVE-2010-4820) Note: The fix for CVE-2010-4820 could possibly break existing configurations. To use the previous, vulnerable behavior, run Ghostscript with the '-P' option (to always search the current working directory first). A flaw was found in the way Ghostscript interpreted PostScript Type 1 and PostScript Type 2 font files. An attacker could create a specially crafted PostScript Type 1 or PostScript Type 2 font file that, when interpreted, could cause Ghostscript to crash or, potentially, execute arbitrary code. (CVE-2010-4054) Users of Ghostscript are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 57809
    published 2012-02-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=57809
    title CentOS 5 / 6 : ghostscript (CESA-2012:0095)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2012-0095.NASL
    description Updated ghostscript packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. An integer overflow flaw was found in Ghostscript's TrueType bytecode interpreter. An attacker could create a specially crafted PostScript or PDF file that, when interpreted, could cause Ghostscript to crash or, potentially, execute arbitrary code. (CVE-2009-3743) It was found that Ghostscript always tried to read Ghostscript system initialization files from the current working directory before checking other directories, even if a search path that did not contain the current working directory was specified with the '-I' option, or the '-P-' option was used (to prevent the current working directory being searched first). If a user ran Ghostscript in an attacker-controlled directory containing a system initialization file, it could cause Ghostscript to execute arbitrary PostScript code. (CVE-2010-2055) Ghostscript included the current working directory in its library search path by default. If a user ran Ghostscript without the '-P-' option in an attacker-controlled directory containing a specially crafted PostScript library file, it could cause Ghostscript to execute arbitrary PostScript code. With this update, Ghostscript no longer searches the current working directory for library files by default. (CVE-2010-4820) Note: The fix for CVE-2010-4820 could possibly break existing configurations. To use the previous, vulnerable behavior, run Ghostscript with the '-P' option (to always search the current working directory first). A flaw was found in the way Ghostscript interpreted PostScript Type 1 and PostScript Type 2 font files. An attacker could create a specially crafted PostScript Type 1 or PostScript Type 2 font file that, when interpreted, could cause Ghostscript to crash or, potentially, execute arbitrary code. (CVE-2010-4054) Users of Ghostscript are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-26
    plugin id 57822
    published 2012-02-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=57822
    title RHEL 5 / 6 : ghostscript (RHSA-2012:0095)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-14640.NASL
    description This package fixes a security problem (CVE-2010-2055) in ghostscript whereby gs uses the current working directory to look for certain types of system file. This has been fixed by changing the default behaviour. Additionally, several other bugs have been fixed: scripts defining GS_EXECUTABLE have been corrected; an epstopdf failure has been fixed; some crashes that could occur in some situations have been fixed; the Fontmap.local file is once again honoured. Further, the cups driver can now use automatic memory allocation. To enable this feature, put 'RIPCache auto' in /etc/cups/cupsd.conf. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 49938
    published 2010-10-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=49938
    title Fedora 13 : ghostscript-8.71-16.fc13 (2010-14640)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2012-0095.NASL
    description From Red Hat Security Advisory 2012:0095 : Updated ghostscript packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. An integer overflow flaw was found in Ghostscript's TrueType bytecode interpreter. An attacker could create a specially crafted PostScript or PDF file that, when interpreted, could cause Ghostscript to crash or, potentially, execute arbitrary code. (CVE-2009-3743) It was found that Ghostscript always tried to read Ghostscript system initialization files from the current working directory before checking other directories, even if a search path that did not contain the current working directory was specified with the '-I' option, or the '-P-' option was used (to prevent the current working directory being searched first). If a user ran Ghostscript in an attacker-controlled directory containing a system initialization file, it could cause Ghostscript to execute arbitrary PostScript code. (CVE-2010-2055) Ghostscript included the current working directory in its library search path by default. If a user ran Ghostscript without the '-P-' option in an attacker-controlled directory containing a specially crafted PostScript library file, it could cause Ghostscript to execute arbitrary PostScript code. With this update, Ghostscript no longer searches the current working directory for library files by default. (CVE-2010-4820) Note: The fix for CVE-2010-4820 could possibly break existing configurations. To use the previous, vulnerable behavior, run Ghostscript with the '-P' option (to always search the current working directory first). A flaw was found in the way Ghostscript interpreted PostScript Type 1 and PostScript Type 2 font files. An attacker could create a specially crafted PostScript Type 1 or PostScript Type 2 font file that, when interpreted, could cause Ghostscript to crash or, potentially, execute arbitrary code. (CVE-2010-4054) Users of Ghostscript are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2015-12-01
    plugin id 68450
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68450
    title Oracle Linux 5 / 6 : ghostscript (ELSA-2012-0095)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-10660.NASL
    description - Update to 3.7.1 to fix CVE-2010-2055 and CVE-2010-2056 - Disable international support to avoid segfault on exit Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 47686
    published 2010-07-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47686
    title Fedora 12 : gv-3.7.1-1.fc12 (2010-10660)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_GHOSTSCRIPT-DEVEL-100712.NASL
    description Specially crafted postscript (.ps) files could cause buffer overflows in ghostscript that could potentially be exploited to execute arbitrary code (CVE-2010-1628, CVE-2010-1869, CVE-2009-4270) ghostscript by default read some initialization files from the current working directory. Local attackers could potentially exploit that to have other users execute arbitrary commands by placing such files e.g. in /tmp (CVE-2010-2055).
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 47815
    published 2010-07-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47815
    title openSUSE Security Update : ghostscript-devel (openSUSE-SU-2010:0425-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_2_GHOSTSCRIPT-DEVEL-100712.NASL
    description Specially crafted postscript (.ps) files could cause buffer overflows in ghostscript that could potentially be exploited to execute arbitrary code (CVE-2010-1628, CVE-2010-1869, CVE-2009-4270) ghostscript by default read some initialization files from the current working directory. Local attackers could potentially exploit that to have other users execute arbitrary commands by placing such files e.g. in /tmp (CVE-2010-2055).
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 48236
    published 2010-08-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=48236
    title openSUSE Security Update : ghostscript-devel (openSUSE-SU-2010:0425-2)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_GHOSTSCRIPT-DEVEL-100712.NASL
    description This update for ghostscript fixes the following security issues : - Specially crafted postscript (.ps) files can cause buffer overflows in ghostscript that could potentially be exploited to execute arbitrary code. (CVE-2010-1869 / CVE-2010-1628 / CVE-2009-4270) - By default, ghostscript reads certain initialization files from the current working directory. Local attackers could potentially exploit this to have other users execute arbitrary commands by placing such files, e.g. in /tmp. (CVE-2010-2055)
    last seen 2019-02-21
    modified 2013-10-25
    plugin id 50909
    published 2010-12-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=50909
    title SuSE 11 / 11.1 Security Update : ghostscript (SAT Patch Numbers 2708 / 2709)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-14633.NASL
    description This package fixes a security problem (CVE-2010-2055) in ghostscript whereby gs uses the current working directory to look for certain types of system file. This has been fixed by changing the default behaviour. Additionally, several other bugs have been fixed: scripts defining GS_EXECUTABLE have been corrected; an epstopdf failure has been fixed; some crashes that could occur in some situations have been fixed; the Fontmap.local file is once again honoured. Further, the cups driver can now use automatic memory allocation. To enable this feature, put 'RIPCache auto' in /etc/cups/cupsd.conf. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 49979
    published 2010-10-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=49979
    title Fedora 12 : ghostscript-8.71-16.fc12 (2010-14633)
redhat via4
advisories
rhsa
id RHSA-2012:0095
rpms
  • ghostscript-0:8.70-6.el5_7.6
  • ghostscript-devel-0:8.70-6.el5_7.6
  • ghostscript-gtk-0:8.70-6.el5_7.6
  • ghostscript-0:8.70-11.el6_2.6
  • ghostscript-devel-0:8.70-11.el6_2.6
  • ghostscript-doc-0:8.70-11.el6_2.6
  • ghostscript-gtk-0:8.70-11.el6_2.6
refmap via4
bugtraq
  • 20100522 Ghostscript 8.64 executes random code at startup
  • 20100526 Re: Ghostscript 8.64 executes random code at startup
confirm
fedora
  • FEDORA-2010-10642
  • FEDORA-2010-10660
gentoo GLSA-201412-17
osvdb 66247
secunia
  • 40452
  • 40475
  • 40532
suse SUSE-SR:2010:014
vupen ADV-2010-1757
Last major update 09-01-2015 - 18:44
Published 22-07-2010 - 01:43
Back to Top