CVE-2008-0411
EPSS 15.3%gs-esp gs-gpl - arbitrary code execution
Published: 2/28/2008Modified: 4/28/2026
Description
Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.
Affected packages (3)
- Debian/ghostscriptfrom 0, < 8.61.dfsg.1-1.1
- Debian/gs-espfrom 0, < 7.07.1-9sarge1
- Debian/gs-gplfrom 0, < 8.01-6