CVE-2009-0196 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9.3 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:N/C:C/I:C/A:C
flexera	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 93%

Vendor	Product	Version
ghostscript	ghostscript	𝑥 ≤ 8.64
ghostscript	ghostscript	5.50
ghostscript	ghostscript	7.07
ghostscript	ghostscript	8.0.1
ghostscript	ghostscript	8.15
ghostscript	ghostscript	8.15.2
ghostscript	ghostscript	8.54
ghostscript	ghostscript	8.56
ghostscript	ghostscript	8.57
ghostscript	ghostscript	8.60
ghostscript	ghostscript	8.61
ghostscript	ghostscript	8.62
ghostscript	ghostscript	8.63

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

ghostscript

bullseye	9.53.3~dfsg-7+deb11u7 fixed
bullseye (security)	9.53.3~dfsg-7+deb11u8 fixed
bookworm	10.0.0~dfsg-11+deb12u4 fixed
bookworm (security)	10.0.0~dfsg-11+deb12u5 fixed
sid	10.04.0~dfsg-1 fixed
trixie	10.04.0~dfsg-1 fixed

jbig2dec

bullseye	0.19-2 fixed
bookworm	0.19-3 fixed
sid	0.20-1 fixed
trixie	0.20-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

ghostscript

karmic	Fixed 8.64.dfsg.1-0ubuntu8 released
jaunty	Fixed 8.64.dfsg.1-0ubuntu8 released
intrepid	Fixed 8.63.dfsg.1-0ubuntu6.4 released
hardy	Fixed 8.61.dfsg.1-1ubuntu3.2 released
gutsy	ignored
dapper	dne

gs-afpl

karmic	dne
jaunty	dne
intrepid	dne
hardy	dne
gutsy	dne
dapper	ignored

gs-esp

karmic	dne
jaunty	dne
intrepid	dne
hardy	dne
gutsy	dne
dapper	Fixed 8.15.2.dfsg.0ubuntu1-0ubuntu1.2 released

gs-gpl

karmic	dne
jaunty	dne
intrepid	dne
hardy	dne
gutsy	dne
dapper	Fixed 8.15-4ubuntu3.3 released

Known Exploits!

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html

http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html

http://osvdb.org/53492

http://secunia.com/advisories/34292

http://secunia.com/advisories/34667

http://secunia.com/advisories/34729

http://secunia.com/advisories/34732

http://secunia.com/advisories/35416

http://secunia.com/advisories/35559

http://secunia.com/advisories/35569

http://secunia.com/secunia_research/2009-21/

http://security.gentoo.org/glsa/glsa-201412-17.xml

http://sunsolve.sun.com/search/document.do?assetkey=1-26-262288-1

http://wiki.rpath.com/Advisories:rPSA-2009-0060

http://www.mandriva.com/security/advisories?name=MDVSA-2009:095

http://www.redhat.com/support/errata/RHSA-2009-0421.html

http://www.securityfocus.com/archive/1/502586/100/0/threaded

http://www.securityfocus.com/archive/1/502757/100/0/threaded

http://www.securityfocus.com/bid/34445

http://www.securitytracker.com/id?1022029

http://www.vupen.com/english/advisories/2009/0983

http://www.vupen.com/english/advisories/2009/1708

https://bugzilla.redhat.com/attachment.cgi?id=337747

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10533

https://usn.ubuntu.com/757-1/

https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00460.html

https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00461.html

http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html

http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html

http://osvdb.org/53492

http://secunia.com/advisories/34292

http://secunia.com/advisories/34667

http://secunia.com/advisories/34729

http://secunia.com/advisories/34732

http://secunia.com/advisories/35416

http://secunia.com/advisories/35559

http://secunia.com/advisories/35569

http://secunia.com/secunia_research/2009-21/

http://security.gentoo.org/glsa/glsa-201412-17.xml

http://sunsolve.sun.com/search/document.do?assetkey=1-26-262288-1

http://wiki.rpath.com/Advisories:rPSA-2009-0060

http://www.mandriva.com/security/advisories?name=MDVSA-2009:095

http://www.redhat.com/support/errata/RHSA-2009-0421.html

http://www.securityfocus.com/archive/1/502586/100/0/threaded

http://www.securityfocus.com/archive/1/502757/100/0/threaded

http://www.securityfocus.com/bid/34445

http://www.securitytracker.com/id?1022029

http://www.vupen.com/english/advisories/2009/0983

http://www.vupen.com/english/advisories/2009/1708

https://bugzilla.redhat.com/attachment.cgi?id=337747

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10533

https://usn.ubuntu.com/757-1/

https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00460.html

https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00461.html