Описание
The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 9.21~dfsg+1-0ubuntu3.1 |
| bionic | released | 9.22~dfsg+1-0ubuntu1.1 |
| devel | not-affected | 9.22~dfsg+1-0ubuntu1.1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [9.10~dfsg-0ubuntu10.12]] |
| esm-infra/bionic | released | 9.22~dfsg+1-0ubuntu1.1 |
| esm-infra/xenial | released | 9.18~dfsg~0-0ubuntu2.8 |
| precise/esm | DNE | |
| trusty | released | 9.10~dfsg-0ubuntu10.12 |
| trusty/esm | DNE | trusty was released [9.10~dfsg-0ubuntu10.12] |
| upstream | needs-triage |
Показывать по
EPSS
6.8 Medium
CVSS2
7.8 High
CVSS3
Связанные уязвимости
The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.
The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.
The set_text_distance function in devices/vector/gdevpdts.c in the pdf ...
EPSS
6.8 Medium
CVSS2
7.8 High
CVSS3