QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2009-0196

Back to search

CVE-2009-0196

Published: Apr 16, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

Heap-based buffer overflow in the big2_decode_symbol_dict function (jbig2_symbol_dict.c) in the JBIG2 decoding library (jbig2dec) in Ghostscript 8.64, and probably earlier versions, allows remote attackers to execute arbitrary code via a PDF file with a JBIG2 symbol dictionary segment with a large run length value.

VendorProductVersions

n/a

n/a

affected
n/a

References

RHSA-2009:0421
vendor-advisory
x_refsource_REDHAT
FEDORA-2009-3709
vendor-advisory
x_refsource_FEDORA
GLSA-201412-17
vendor-advisory
x_refsource_GENTOO
ADV-2009-0983
vdb-entry
x_refsource_VUPEN
34445
vdb-entry
x_refsource_BID
262288
vendor-advisory
x_refsource_SUNALERT
34292
third-party-advisory
x_refsource_SECUNIA
20090417 rPSA-2009-0060-1 ghostscript
mailing-list
x_refsource_BUGTRAQ
34729
third-party-advisory
x_refsource_SECUNIA
SUSE-SR:2009:011
vendor-advisory
x_refsource_SUSE
oval:org.mitre.oval:def:10533
vdb-entry
signature
x_refsource_OVAL
MDVSA-2009:095
vendor-advisory
x_refsource_MANDRIVA
FEDORA-2009-3710
vendor-advisory
x_refsource_FEDORA
34732
third-party-advisory
x_refsource_SECUNIA
35569
third-party-advisory
x_refsource_SECUNIA
ADV-2009-1708
vdb-entry
x_refsource_VUPEN
1022029
vdb-entry
x_refsource_SECTRACK
35559
third-party-advisory
x_refsource_SECUNIA
35416
third-party-advisory
x_refsource_SECUNIA
USN-757-1
vendor-advisory
x_refsource_UBUNTU
53492
vdb-entry
x_refsource_OSVDB
SUSE-SR:2009:009
vendor-advisory
x_refsource_SUSE
34667
third-party-advisory
x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now