HomeGhostscriptCVE-2008-0411

CVE-2008-0411

UNKNOWN
6.8CVSS
Published: 2008-02-28
Updated: 2025-04-09
AI Analysis

Description

Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.

CVSS Metrics

Vector
AV:N/AC:M/Au:N/C:P/I:P/A:P
Access Vector
network
Access Cmplx
medium
Auth
none
Confidentiality
partial
Integrity
partial
Availability
partial
Weaknesses
CWE-119

Metadata

Primary Vendor
GHOSTSCRIPT
Published
2/28/2008
Last Modified
4/9/2025
Source
NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

ghostscript : ghostscriptghostscript : ghostscriptghostscript : ghostscriptghostscript : ghostscript

AI-Powered Remediation

Generate remediation guidance or a C-suite brief for this vulnerability.

Executive Intelligence Brief

View on NIST NVD
CVE-CVE-2008-0411 | UNKNOWN Severity | CVEDatabase.com | CVEDatabase.com