Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow in the pdfi_apply_filter() function via a long PDF filter name.
The product writes data past the end, or before the beginning, of the intended buffer.
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.
Link | Tags |
---|---|
https://bugs.ghostscript.com/show_bug.cgi?id=707510 | issue tracking |
https://git.ghostscript.com/?p=ghostpdl.git%3Bh=77dc7f699beba606937b7ea23b50cf5974fa64b1 | broken link |
https://www.openwall.com/lists/oss-security/2024/07/03/7 | third party advisory mailing list |