Advisories Blog | G5 Cyber Security

Mandriva Linux Security Advisory 2010-134

A stack-based buffer overflow in the errprintf function in base/gsmisc.c in Ghostscript 8.64 through 8.70 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file, as originally reported for debug logging code in gdevcups.c in the CUPS output driver. Ghostscript 8.64, 8.70, and possibly other versions allow context-dependent attackers to execute arbitrary code via a PostScript file containing unlimited recursive procedure invocations, which trigger memory corruption in the stack of the interpreter. As a precaution, ghostscript has been rebuilt to link against the system libpng library, which was fixed with MDVSA-2010:133.

 

You can download this advisory from the following link: https://packetstormsecurity.com/files/download/91883/MDVSA-2010-134.txt

Source: https://packetstormsecurity.com/files/91883/Mandriva-Linux-Security-Advisory-2010-134.html
