Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Off-by-one error in the Ins_MINDEX function in the TrueType bytecode interpreter in Ghostscript before 8.71 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a malformed TrueType font in a document that trigger an integer overflow and a heap-based buffer overflow.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Artifex Ghostscript TrueType字节编码解释器Off-by-one错误漏洞
Vulnerability Description
Artifex Software Ghostscript是美国Artifex Software公司的一款开源的PostScript(一种用于电子产业和桌面出版领域的页面描述语言和编程语言)解析器,它可显示Postscript文件以及在非Postscript打印机上打印Postscript文件。 Ghostscript 8.71之前版本的TrueType字节编码解释器中的Ins_MINDEX函数中存在Off-by-one错误漏洞。远程攻击者可以借助能够触发整数溢出和堆缓冲区溢出的文件中的畸形TrueType
CVSS Information
N/A
Vulnerability Type
N/A