« List of all CVEs

CVE-2012-4875

Published: 9/6/2012 Last updated: 8/6/2024 Reserved: 9/6/2012

Heap-based buffer overflow in gdevwpr2.c in Ghostscript 9.04, when processing the OutputFile device parameter, allows user-assisted remote attackers to execute arbitrary code via a long file name in a PostScript document. NOTE: as of 20120314, the developer was not able to reproduce the issue and disputed it

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (1)

conf-ghostscript

Products affected (1)

Product Vendor Version
n/a n/a SXR2230P

References (8)