This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote SuSE 10 host is missing a security-related patch.
This update of ghostscript fixes two security issues :
- Off-by-one error in the TrueType bytecode interpreter in
Ghostscript in SUSE Linux Enterprise 10 and 11 products
allows remote attackers to cause a denial of service
(heap memory corruption) via a malformed TrueType font
in a document. (CVE-2009-3743)
- The gs_type2_interpret function in Ghostscript allows
remote attackers to cause a denial of service (incorrect
pointer dereference and application crash) via crafted
font data in a compressed data stream. (CVE-2010-4054)
See also :
Apply ZYPP patch number 8063.
Risk factor :
High / CVSS Base Score : 9.3