Some vulnerabilities have been reported in GhostScript, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a user's system.
1) An error in the processing of PostScript files can be exploited to cause a memory corruption via recursive function calls and may allow execution of arbitrary code via a specially crafted PostScript file.
2) An error in the handling of overly long identifiers can be exploited to cause a stack-based buffer overflow via a specially crafted PostScript file.
Successful exploitation allows execution of arbitrary code.
3) An off-by-one error in "Ins_MINDEX()" within the TrueType bytecode interpreter can be exploited to corrupt heap-based memory via a file with a specially crafted TrueType font.
These vulnerabilities are reported in 8.70. Other versions may also be affected.
4) An input validation error in the font interpreters can be exploited to cause a crash via a specially crafted PDF file.
Solution: Update to version 8.71, which fixes vulnerabilities #2, #3, and #4. Do not process untrusted PostScript files.
Provided and/or discovered by: 1) Dan Rosenberg
2) Independently discovered by Dan Rosenberg and Rodrigo Rubira Branco, Check Point Vulnerability Discovery Team (VDT).
3, 4) Jonathan Brossard, Toucan System
Original Advisory: Dan Rosenberg:
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org