Some vulnerabilities have been reported in GhostScript, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a user's system.

1) An error in the processing of PostScript files can be exploited to cause a memory corruption via recursive function calls and may allow execution of arbitrary code via a specially crafted PostScript file.

2) An error in the handling of overly long identifiers can be exploited to cause a stack-based buffer overflow via a specially crafted PostScript file.

Successful exploitation allows execution of arbitrary code.

3) An off-by-one error in "Ins_MINDEX()" within the TrueType bytecode interpreter can be exploited to corrupt heap-based memory via a file with a specially crafted TrueType font.

These vulnerabilities are reported in 8.70. Other versions may also be affected.

4) An input validation error in the font interpreters can be exploited to cause a crash via a specially crafted PDF file.

Solution
Update to version 8.71, which fixes vulnerabilities #2, #3, and #4. Do not process untrusted PostScript files.

Provided and/or discovered by
1) Dan Rosenberg
2) Independently discovered by Dan Rosenberg and Rodrigo Rubira Branco, Check Point Vulnerability Discovery Team (VDT).
3, 4) Jonathan Brossard, Toucan System

Changelog
Further details available to Secunia VIM customers

Original Advisory
Dan Rosenberg:
http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0135.html
https://bugs.launchpad.net/ubuntu/+source/ghostscript/+bug/546009
http://bugs.ghostscript.com/show_bug.cgi?id=691295

Jonathan Brossard:
http://www.toucan-system.com/advisories/tssa-2010-01.txt

Other references
Further details available to Secunia VIM customers

Deep Links
Links available to Secunia VIM customers