Unknown
CVE-2009-3743
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
Unknown
(0 users assessed)
Unknown
(0 users assessed)Unknown
Unknown
Unknown
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
Off-by-one error in the Ins_MINDEX function in the TrueType bytecode interpreter in Ghostscript before 8.71 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a malformed TrueType font in a document that trigger an integer overflow and a heap-based buffer overflow.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Vendors
- artifex
Products
- afpl ghostscript 6.0,
- afpl ghostscript 6.01,
- afpl ghostscript 6.50,
- afpl ghostscript 7.00,
- afpl ghostscript 7.03,
- afpl ghostscript 7.04,
- afpl ghostscript 8.00,
- afpl ghostscript 8.11,
- afpl ghostscript 8.12,
- afpl ghostscript 8.13,
- afpl ghostscript 8.14,
- afpl ghostscript 8.50,
- afpl ghostscript 8.51,
- afpl ghostscript 8.52,
- afpl ghostscript 8.53,
- afpl ghostscript 8.54,
- ghostscript fonts 6.0,
- ghostscript fonts 8.11,
- gpl ghostscript,
- gpl ghostscript 8.01,
- gpl ghostscript 8.15,
- gpl ghostscript 8.50,
- gpl ghostscript 8.51,
- gpl ghostscript 8.54,
- gpl ghostscript 8.56,
- gpl ghostscript 8.57,
- gpl ghostscript 8.60,
- gpl ghostscript 8.61,
- gpl ghostscript 8.62,
- gpl ghostscript 8.63,
- gpl ghostscript 8.64
References
Advisory
Miscellaneous
Additional Info
Technical Analysis
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
