CVE-2009-3743

Off-by-one error in the Ins_MINDEX function in the TrueType bytecode interpreter in Ghostscript before 8.71 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a malformed TrueType font in a document that trigger an integer overflow and a heap-based buffer overflow.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
certccCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
VendorProductVersion
artifexafpl_ghostscript
6.0
artifexafpl_ghostscript
6.01
artifexafpl_ghostscript
6.50
artifexafpl_ghostscript
7.00
artifexafpl_ghostscript
7.03
artifexafpl_ghostscript
7.04
artifexafpl_ghostscript
8.00
artifexafpl_ghostscript
8.11
artifexafpl_ghostscript
8.12
artifexafpl_ghostscript
8.13
artifexafpl_ghostscript
8.14
artifexafpl_ghostscript
8.50
artifexafpl_ghostscript
8.51
artifexafpl_ghostscript
8.52
artifexafpl_ghostscript
8.53
artifexafpl_ghostscript
8.54
artifexghostscript_fonts
6.0
artifexghostscript_fonts
8.11
artifexgpl_ghostscript
𝑥
≤ 8.70
artifexgpl_ghostscript
8.01
artifexgpl_ghostscript
8.15
artifexgpl_ghostscript
8.50
artifexgpl_ghostscript
8.51
artifexgpl_ghostscript
8.54
artifexgpl_ghostscript
8.56
artifexgpl_ghostscript
8.57
artifexgpl_ghostscript
8.60
artifexgpl_ghostscript
8.61
artifexgpl_ghostscript
8.62
artifexgpl_ghostscript
8.63
artifexgpl_ghostscript
8.64
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
ghostscript
bullseye
9.53.3~dfsg-7+deb11u7
fixed
bullseye (security)
9.53.3~dfsg-7+deb11u8
fixed
bookworm
10.0.0~dfsg-11+deb12u4
fixed
bookworm (security)
10.0.0~dfsg-11+deb12u5
fixed
sid
10.04.0~dfsg-1
fixed
trixie
10.04.0~dfsg-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ghostscript
oneiric
not-affected
natty
not-affected
maverick
not-affected
lucid
not-affected
karmic
ignored
jaunty
ignored
hardy
Fixed 8.61.dfsg.1-1ubuntu3.4
released
dapper
dne
gs-afpl
oneiric
dne
natty
dne
maverick
dne
lucid
dne
karmic
dne
jaunty
dne
hardy
dne
dapper
ignored
gs-esp
oneiric
dne
natty
dne
maverick
dne
lucid
dne
karmic
dne
jaunty
dne
hardy
dne
dapper
ignored
gs-gpl
oneiric
dne
natty
dne
maverick
dne
lucid
dne
karmic
dne
jaunty
dne
hardy
dne
dapper
ignored
Common Weakness Enumeration
References
http://security.gentoo.org/glsa/glsa-201412-17.xml
http://www.kb.cert.org/vuls/id/644319
http://www.kb.cert.org/vuls/id/JALR-87YGN8
http://www.securityfocus.com/archive/1/514892/100/0/threaded
http://www.securitytracker.com/id?1024785
https://rhn.redhat.com/errata/RHSA-2012-0095.html
http://security.gentoo.org/glsa/glsa-201412-17.xml
http://www.kb.cert.org/vuls/id/644319
http://www.kb.cert.org/vuls/id/JALR-87YGN8
http://www.securityfocus.com/archive/1/514892/100/0/threaded
http://www.securitytracker.com/id?1024785
https://rhn.redhat.com/errata/RHSA-2012-0095.html