Vulnerability Note VU#644319
Ghostscript Heap Corruption in TrueType bytecode interpreter
The TrueType bytecode interpreter which is a part of Ghostscript is prone to heap corruption.
Ghostscript includes a TrueType bytecode interpreter which is prone to an off by one bug which causes heap corruption. Further details can be found in the Ghostscript Bug #691044, Ghostscript r10602 commit statement and Toucan System's TSSA-2010-01 advisory.
An attacker may use a specially crafted document with a malformed TrueType font to cause a denial of service condition or execute arbitrary code.
Upgrade to Ghostscript 8.71 or newer.
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Artifex Software, Inc.||Affected||03 Aug 2010||24 Aug 2010|
CVSS Metrics (Learn More)
Thanks to Jonathan Brossard for reporting this vulnerability.
This document was written by Jared Allar.
- CVE IDs: CVE-2009-3743
- Date Public: 24 Aug 2010
- Date First Published: 24 Aug 2010
- Date Last Updated: 06 Dec 2010
- Severity Metric: 0.45
- Document Revision: 34
If you have feedback, comments, or additional information about this vulnerability, please send us email.