PT-2010-5640 · Artifex · Ghostscript
Dan Rosenberg · Published 1970-01-01 · Updated 2018-10-10 · CVE-2010-1628
CVSS v2.0: 9.3 (High)
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Ghostscript versions 8.64, 8.70
gs-aladdin (affected versions not specified)
gs (affected versions not specified)
gs-common (affected versions not specified)
gs-esp (affected versions not specified)
libgs8 (affected versions not specified)
gs-gpl (affected versions not specified)
libgs-dev (affected versions not specified)
Description
The issue involves multiple vulnerabilities in the Ghostscript package, which can be exploited remotely to compromise the confidentiality, integrity, and availability of protected information. This can be achieved through context-dependent attacks, such as executing arbitrary code via a PostScript file containing unlimited recursive procedure invocations, leading to memory corruption in the interpreter's stack.
Recommendations
For Ghostscript versions 8.64, 8.70: Update to a version that is not vulnerable to the issue.
For gs-aladdin: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
For gs: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
For gs-common: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
For gs-esp: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
For libgs8: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
For gs-gpl: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
For libgs-dev: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Buffer Overflow
Weakness Enumeration
Related Identifiers
Affected Products
Ghostscript