SuSE 11 Security Update : GhostScript (SAT Patch Number 876)

High Nessus Plugin ID 41396


The remote SuSE 11 host is missing one or more security updates.


Specially crafted file could cause a heap-overflow in JBIG2 decoder (CVE-2009-0196), an integer overflow in ICC library (CVE-2009-0792), a buffer overflow in BaseFont writer module (CVE-2008-6679) or crash the CCITTFax decoder. (CVE-2007-6725)

The previous security update introduced a regression that broke some printer drives. This new update fixes that issue.


Apply SAT patch number 876.

See Also

Plugin Details

Severity: High

ID: 41396

File Name: suse_11_ghostscript-devel-090513.nasl

Version: $Revision: 1.9 $

Type: local

Agent: unix

Published: 2009/09/24

Modified: 2016/12/21

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:11:ghostscript-fonts-other, p-cpe:/a:novell:suse_linux:11:ghostscript-fonts-rus, p-cpe:/a:novell:suse_linux:11:ghostscript-fonts-std, p-cpe:/a:novell:suse_linux:11:ghostscript-library, p-cpe:/a:novell:suse_linux:11:ghostscript-omni, p-cpe:/a:novell:suse_linux:11:ghostscript-x11, p-cpe:/a:novell:suse_linux:11:libgimpprint, cpe:/o:novell:suse_linux:11

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 2009/05/13

Reference Information

CVE: CVE-2007-6725, CVE-2008-6679, CVE-2009-0196, CVE-2009-0792

CWE: 119, 189