CVE-2012-4875 in Ghostscriptinfo

Summary

** DISPUTED ** Heap-based buffer overflow in gdevwpr2.c in Ghostscript 9.04, when processing the OutputFile device parameter, allows user-assisted remote attackers to execute arbitrary code via a long file name in a PostScript document. NOTE: as of 20120314, the developer was not able to reproduce the issue and disputed it.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

09/06/2012

Disclosure

09/06/2012

Moderation

VulDB entry created

Entries

1: VDB-5027

CPE

ready

CWE

CWE-119 (Confirmed)

CVSS

10.0

EPSS

0.09321

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-4875
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-4875
CVE Details	https://www.cvedetails.com/cve/CVE-2012-4875/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!