oss-sec mailing list archives
ghostscript CVE for multiple NULL dereferences in JBIG2 decoder
From: Vincent Danen <vdanen () redhat com>
Date: Mon, 26 Oct 2009 15:46:55 -0600
I'm not sure if a CVE name has ever been requested for this issue. Similar to Adobe's CVE-2009-0658 issue, the same PDF proof-of-concept was used to crash ghostscript (multiple NULL pointer dereference flaws found in Ghostscript's JBIG2 compression format decoder). If a CVE name was assigned for this, does anyone know it? I can't find it. If not, could one be assigned? Details are available on our bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=503785 Thanks. --Vincent Danen / Red Hat Security Response Team
Current thread:
- ghostscript CVE for multiple NULL dereferences in JBIG2 decoder Vincent Danen (Oct 26)
- Re: ghostscript CVE for multiple NULL dereferences in JBIG2 decoder Raphael Geissert (Oct 27)
- Re: Re: ghostscript CVE for multiple NULL dereferences in JBIG2 decoder Mark J Cox (Oct 28)
- Re: Re: ghostscript CVE for multiple NULL dereferences in JBIG2 decoder Oden Eriksson (Oct 29)
- Re: Re: ghostscript CVE for multiple NULL dereferences in JBIG2 decoder Mark J Cox (Oct 28)
- Re: ghostscript CVE for multiple NULL dereferences in JBIG2 decoder Raphael Geissert (Oct 27)