Artifex Software, Inc. Information for VU#644319

Ghostscript Heap Corruption in TrueType bytecode interpreter



Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References



The reporter initially contacted the vendor 10-26-2009.

Vendor fixed the vulnerability on 01-11-2010 without mentioning security implications.
The reporter contacted CERT 07-20-2010.
CERT contacted the vendor 08-03-2010.

If you have feedback, comments, or additional information about this vulnerability, please send us email.