Description
Specially crafted postscript (.ps) files could cause buffer
overflows in ghostscript that could potentially be
exploited to execute arbitrary code (CVE-2010-1628,
CVE-2010-1869, CVE-2009-4270)
ghostscript by default read some initialization files from
the current working directory. Local attackers could
potentially exploit that to have other users execute
arbitrary commands by placing such files e.g. in /tmp
(CVE-2010-2055)