Unrated severityNVD Advisory· Published Feb 28, 2008· Updated Apr 23, 2026
CVE-2008-0411
CVE-2008-0411
Description
Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.
Affected products
4cpe:2.3:a:ghostscript:ghostscript:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:ghostscript:ghostscript:*:*:*:*:*:*:*:*range: <=8.61
- cpe:2.3:a:ghostscript:ghostscript:0:*:*:*:*:*:*:*
- cpe:2.3:a:ghostscript:ghostscript:8.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ghostscript:ghostscript:8.15:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
27- www.debian.org/security/2008/dsa-1510nvdPatch
- www.gentoo.org/security/en/glsa/glsa-200803-14.xmlnvdPatch
- scary.beasts.org/security/CESA-2008-001.htmlnvdExploit
- lists.opensuse.org/opensuse-security-announce/2008-02/msg00009.htmlnvdMailing ListThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.securityfocus.com/bid/28017nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/usn-599-1nvdThird Party Advisory
- www.redhat.com/archives/fedora-package-announce/2008-March/msg00085.htmlnvdRelease NotesThird Party Advisory
- secunia.com/advisories/29101nvdURL Repurposed
- secunia.com/advisories/29103nvdURL Repurposed
- secunia.com/advisories/29112nvdURL Repurposed
- secunia.com/advisories/29135nvdURL Repurposed
- secunia.com/advisories/29147nvdURL Repurposed
- secunia.com/advisories/29154nvdURL Repurposed
- secunia.com/advisories/29169nvdURL Repurposed
- secunia.com/advisories/29196nvdURL Repurposed
- secunia.com/advisories/29314nvdURL Repurposed
- secunia.com/advisories/29768nvdURL Repurposed
- slackware.com/security/viewer.phpnvdMailing List
- wiki.rpath.com/Advisories:rPSA-2008-0082nvdBroken Link
- www.redhat.com/support/errata/RHSA-2008-0155.htmlnvdURL Repurposed
- www.securityfocus.com/archive/1/488932/100/0/threadednvdBroken LinkVDB Entry
- www.securityfocus.com/archive/1/488946/100/0/threadednvdBroken LinkVDB Entry
- www.vupen.com/english/advisories/2008/0693/referencesnvdNot Applicable
- issues.rpath.com/browse/RPL-2217nvdBroken Link
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9557nvdBroken Link
News mentions
0No linked articles in our index yet.