{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[],"affected_systems_content":"<SPAN class=\n  \"textit\">Ghostscript</SPAN>, versions 8.x.","content":"## Description\n\nGhostscript permet la visualisation de documents au format Postscript.\n\nLa fonction zseticcspace() ne v\u00e9rifie pas la longeur d'un tableau. Cette\nvuln\u00e9rabilit\u00e9 permet de provoquer un d\u00e9bordement de pile. L'exploitation\nde cette vuln\u00e9rabilit\u00e9 permet \u00e0 un utilisateur malveillant d'ex\u00e9cuter du\ncode arbitraire \u00e0 distance par le biais d'un document Postscript con\u00e7u \u00e0\ncet effet.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2008-0411","url":"https://www.cve.org/CVERecord?id=CVE-2008-0411"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Fedora du 03 mars 2008 :","url":"http://www.redhat.com/archives/fedora-package-announce/2008-March/msg00085.html"},{"title":"Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2008:0155 du 27 f\u00e9vrier    2008 :","url":"http://rhn.redhat.com/errata/RHSA-2008-0155.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Mandriva MDVSA-2008:055 du 29 f\u00e9vrier    2008 :","url":"http://www.mandriva.com/archives/security/advisories?name=MDVSA-2008:055"},{"title":"Bulletin de s\u00e9curit\u00e9 Debian DSA 1510 du 27 f\u00e9vrier 2008 :","url":"http://www.debian.org/security/2008/dsa-1510"},{"title":"Bulletin de s\u00e9curit\u00e9 Suse SUSE-SA:2008:010 du 28 f\u00e9vrier    2008 :","url":"http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00009.html"}],"reference":"CERTA-2008-AVI-113","revisions":[{"description":"version initiale.","revision_date":"2008-03-03T00:00:00.000000"},{"description":"ajout de la r\u00e9f\u00e9rence Fedora.","revision_date":"2008-03-06T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"}],"summary":"Une vuln\u00e9rabilit\u00e9 dans <span class=\"textit\">Ghostscrpit</span> permet \u00e0\nun utilisateur malveillant d'ex\u00e9cuter du code arbitraire \u00e0 distance.\n","title":"Vuln\u00e9rabilit\u00e9 de Ghostscript","vendor_advisories":[{"published_at":null,"title":"CVE-2008-0411","url":"https://www.cve.org/CVERecord?id=CVE-2008-0411"}]}