Re: Multiple memory corruption vulnerabilities in Ghostscript

[Marsh Ray <marsh () extendedsubset com>]

On 5/11/2010 8:30 PM, Peter Besenbruch wrote:
> On Tue, 11 May 2010 20:27:35 -0400
> Dan Rosenberg <dan.j.rosenberg () gmail com> wrote:
>
> > ==Solution==
> >
> > In the absence of a patch, users are encouraged to discontinue use of
> > Ghostscript or avoid processing untrusted PostScript files.

How are you supposed to trust a document before you read it?!
Judge it by it's cover perhaps?

> Ghostscript is an important part of most Linux systems out there. If
> you remove Ghostscript, you remove the ability to print in most cases.
>
> The advice to avoid opening unknown PS files is good.

Unless you're a printer.

> I wonder whether
> a similar flaw exists in Ghostscript's handling of PDF files.

Last I checked (a long long time ago), PDF wasn't a Turing-complete
programming language like Postscript, so it wouldn't allow recursion
needed for this flaw. Maybe that's why they couldn't resist adding
Javascript to it.

> If such
> an attack is possible with a PDF, the flaw is potentially much more
> serious.

Well, I need to read 'em both.

- Marsh

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/