CVE-2009-3743

Off-by-one error in the Ins_MINDEX function in the TrueType bytecode interpreter in Ghostscript before 8.71 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a malformed TrueType font in a document that trigger an integer overflow and a heap-based buffer overflow.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 88%
Affected Products (NVD)
VendorProductVersion
artifexafpl_ghostscript
6.0
artifexafpl_ghostscript
6.01
artifexafpl_ghostscript
6.50
artifexafpl_ghostscript
7.00
artifexafpl_ghostscript
7.03
artifexafpl_ghostscript
7.04
artifexafpl_ghostscript
8.00
artifexafpl_ghostscript
8.11
artifexafpl_ghostscript
8.12
artifexafpl_ghostscript
8.13
artifexafpl_ghostscript
8.14
artifexafpl_ghostscript
8.50
artifexafpl_ghostscript
8.51
artifexafpl_ghostscript
8.52
artifexafpl_ghostscript
8.53
artifexafpl_ghostscript
8.54
artifexghostscript_fonts
6.0
artifexghostscript_fonts
8.11
artifexgpl_ghostscript
𝑥
≤ 8.70
artifexgpl_ghostscript
8.01
artifexgpl_ghostscript
8.15
artifexgpl_ghostscript
8.50
artifexgpl_ghostscript
8.51
artifexgpl_ghostscript
8.54
artifexgpl_ghostscript
8.56
artifexgpl_ghostscript
8.57
artifexgpl_ghostscript
8.60
artifexgpl_ghostscript
8.61
artifexgpl_ghostscript
8.62
artifexgpl_ghostscript
8.63
artifexgpl_ghostscript
8.64
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
ghostscript
bookworm
10.0.0~dfsg-11+deb12u4
fixed
bookworm (security)
10.0.0~dfsg-11+deb12u5
fixed
bullseye
9.53.3~dfsg-7+deb11u7
fixed
bullseye (security)
9.53.3~dfsg-7+deb11u8
fixed
sid
10.04.0~dfsg-1
fixed
trixie
10.04.0~dfsg-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ghostscript
dapper
dne
hardy
Fixed 8.61.dfsg.1-1ubuntu3.4
released
jaunty
ignored
karmic
ignored
lucid
not-affected
maverick
not-affected
natty
not-affected
oneiric
not-affected
gs-afpl
dapper
ignored
hardy
dne
jaunty
dne
karmic
dne
lucid
dne
maverick
dne
natty
dne
oneiric
dne
gs-esp
dapper
ignored
hardy
dne
jaunty
dne
karmic
dne
lucid
dne
maverick
dne
natty
dne
oneiric
dne
gs-gpl
dapper
ignored
hardy
dne
jaunty
dne
karmic
dne
lucid
dne
maverick
dne
natty
dne
oneiric
dne
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
ghostscript
RHEL 6
0:8.70-11.el6_2.6
fixed
ghostscript-devel
RHEL 6
0:8.70-11.el6_2.6
fixed
ghostscript-doc
RHEL 6
0:8.70-11.el6_2.6
fixed
ghostscript-gtk
RHEL 6
0:8.70-11.el6_2.6
fixed
Common Weakness Enumeration
References
http://security.gentoo.org/glsa/glsa-201412-17.xml
http://www.kb.cert.org/vuls/id/644319
http://www.kb.cert.org/vuls/id/JALR-87YGN8
http://www.securityfocus.com/archive/1/514892/100/0/threaded
http://www.securitytracker.com/id?1024785
https://rhn.redhat.com/errata/RHSA-2012-0095.html
http://security.gentoo.org/glsa/glsa-201412-17.xml
http://www.kb.cert.org/vuls/id/644319
http://www.kb.cert.org/vuls/id/JALR-87YGN8
http://www.securityfocus.com/archive/1/514892/100/0/threaded
http://www.securitytracker.com/id?1024785
https://rhn.redhat.com/errata/RHSA-2012-0095.html