The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Ghostscript: denial of service via JBIG2

Summary of the vulnerability

An attacker can create a PDF file containing a malicious JBIG2 image, in order to stop the Ghostscript application.
Impacted systems: Fedora, Unix (platform) ~ not comprehensive.
Severity of this alert: 1/4.
Creation date: 27/10/2009.
References of this alert: 503785, FEDORA-2009-8270, VIGILANCE-VUL-9125.

Description of the vulnerability 

A PDF document is composed of "stream" objects. These objects can contain pages, images, fonts, etc.

An image can be compressed with the JBIG2 (Joint Bi-level Image experts Group) compression algorithm.

However, Ghostscript does not correctly check the data of a JBIG2 image when decompressing it, and a NULL pointer is dereferenced.

An attacker can therefore create a PDF file containing a malicious JBIG2 image, in order to stop the Ghostscript application.
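
As an added triage example (not code from Ghostscript or from this bulletin), the following Python sketch lists the stream objects of a PDF that declare the JBIG2 filter, so such files can be routed to a patched Ghostscript. The function names and the sample bytes are constructed for illustration; the scan is a byte-level heuristic, not a full PDF parser.

```python
import re
import sys

# "N G obj << ... >> stream" header. The (?!endobj) guard stops the lazy match
# from running out of a non-stream object into the next object's dictionary.
OBJ_RE = re.compile(rb"(\d+)\s+(\d+)\s+obj\s*<<((?:(?!endobj).)*?)>>\s*stream\r?\n", re.S)
NAME_RE = re.compile(rb"/([^\s/<>\[\]()%{}]+)")   # a PDF name token
HEX_RE = re.compile(rb"#([0-9A-Fa-f]{2})")        # #xx escape inside a name

def decode_name(raw: bytes) -> bytes:
    """Undo PDF name escaping so that JBIG#32Decode compares equal to JBIG2Decode."""
    return HEX_RE.sub(lambda m: bytes([int(m.group(1), 16)]), raw)

def jbig2_streams(pdf: bytes) -> list[tuple[int, int]]:
    """Return (object number, generation) of each stream whose dictionary names JBIG2Decode."""
    hits = []
    for m in OBJ_RE.finditer(pdf):
        names = {decode_name(n) for n in NAME_RE.findall(m.group(3))}
        if b"JBIG2Decode" in names:
            hits.append((int(m.group(1)), int(m.group(2))))
    return hits

# Constructed sample: empty streams, only the dictionaries matter here.
SAMPLE = (
    b"%PDF-1.4\n"
    b"1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj\n"
    b"4 0 obj << /Subtype /Image /Filter /FlateDecode /Length 0 >> stream\n\nendstream endobj\n"
    b"5 0 obj << /Subtype /Image /Filter /JBIG2Decode /Length 0 >> stream\n\nendstream endobj\n"
    b"6 0 obj << /Subtype /Image /Filter [/FlateDecode /JBIG#32Decode] /Length 0 >> stream\n\nendstream endobj\n"
)

if __name__ == "__main__":
    if len(sys.argv) > 1:
        for path in sys.argv[1:]:
            with open(path, "rb") as fh:
                print(path, jbig2_streams(fh.read()))
    else:
        print("sample", jbig2_streams(SAMPLE))
```

A hit only means the file will reach the JBIG2 decoder, not that it is malicious. The scan does not follow a `/Filter` given as an indirect reference.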

This vulnerability note impacts software or systems such as Fedora, Unix (platform) ~ not comprehensive.

Our Vigil@nce team determined that the severity of this cybersecurity vulnerability is low.

The trust level is of type confirmed by the editor, with an origin of document.

A proof of concept or an attack tool is available, so your teams have to process this alert. An attacker with technician-level ability can exploit this vulnerability.

Solutions for this threat 

Fedora 11: new ghostscript packages.
New packages are available:
  ghostscript-8.70-1.fc11
