BID:52864

Ghostscript 'OutputFile' Parameter Heap Based Buffer Overflow Vulnerability

Info

Ghostscript 'OutputFile' Parameter Heap Based Buffer Overflow Vulnerability

Bugtraq ID:	52864
Class:	Boundary Condition Error
CVE:	CVE-2012-4875
Remote:	Yes
Local:	No
Published:	Apr 03 2012 12:00AM
Updated:	Apr 13 2015 09:01PM
Credit:	Andrei Costin
Vulnerable:	Ghostscript Ghostscript 9.04

Not Vulnerable:	Ghostscript Ghostscript 9.05

Discussion

Ghostscript 'OutputFile' Parameter Heap Based Buffer Overflow Vulnerability

Ghostscript is prone to a remote heap-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to insufficiently sized buffers.

Successful exploits may allow remote attackers to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

Ghostscript 9.04 is vulnerable; other versions may also be affected.

Exploit / POC

Ghostscript 'OutputFile' Parameter Heap Based Buffer Overflow Vulnerability

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

Ghostscript 'OutputFile' Parameter Heap Based Buffer Overflow Vulnerability

Solution:
Updates are available. Please see the references for more information.

References

Ghostscript 'OutputFile' Parameter Heap Based Buffer Overflow Vulnerability

References:

Bug 692856 - Ghostscript Buffer Overflow Vulnerability (Marcos H. Woehrmann )
Ghostscript Homepage (Ghostscript)