FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  371321
Date:      2014-10-21
Time:      13:58:33Z
Committer: madpilot

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
ca8e56d5-e856-11dc-b5af-0017319806e7ghostscript -- zseticcspace() function buffer overflow vulnerability

Chris Evans from the Google Security Team reports:

Severity: parsing of evil PostScript file will result in arbitrary code execution.

A stack-based buffer overflow in the zseticcspace() function in zicc.c allows remote arbitrary code execution via a malicious PostScript file (.ps) that contains a long Range array.


Discovery 2008-02-28
Entry 2008-03-05
ghostscript-gpl
ghostscript-gpl-nox11
lt 8.61_2

28017
CVE-2008-0411
http://scary.beasts.org/security/CESA-2008-001.html
ca8e56d5-e856-11dc-b5af-0017319806e7ghostscript -- zseticcspace() function buffer overflow vulnerability

Chris Evans from the Google Security Team reports:

Severity: parsing of evil PostScript file will result in arbitrary code execution.

A stack-based buffer overflow in the zseticcspace() function in zicc.c allows remote arbitrary code execution via a malicious PostScript file (.ps) that contains a long Range array.


Discovery 2008-02-28
Entry 2008-03-05
ghostscript-gpl
ghostscript-gpl-nox11
lt 8.61_2

28017
CVE-2008-0411
http://scary.beasts.org/security/CESA-2008-001.html