Unrated severityNVD Advisory· Published Dec 21, 2009· Updated Apr 23, 2026
CVE-2009-4270
CVE-2009-4270
Description
Stack-based buffer overflow in the errprintf function in base/gsmisc.c in ghostscript 8.64 through 8.70 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file, as originally reported for debug logging code in gdevcups.c in the CUPS output driver.
Affected products
2cpe:2.3:a:ghostscript:ghostscript:8.64:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ghostscript:ghostscript:8.64:*:*:*:*:*:*:*
- cpe:2.3:a:ghostscript:ghostscript:8.70:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
14- www.securityfocus.com/bid/37410nvdExploit
- secunia.com/advisories/37851nvdVendor Advisory
- www.vupen.com/english/advisories/2009/3597nvdVendor Advisory
- bugs.ghostscript.com/show_bug.cginvd
- lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.htmlnvd
- osvdb.org/61140nvd
- secunia.com/advisories/40580nvd
- security.gentoo.org/glsa/glsa-201412-17.xmlnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.openwall.com/lists/oss-security/2009/12/18/1nvd
- www.openwall.com/lists/oss-security/2009/12/18/2nvd
- www.ubuntu.com/usn/USN-961-1nvd
- bugzilla.redhat.com/show_bug.cginvd
News mentions
0No linked articles in our index yet.