Описание
A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow overriding of file access controls. The 'rsearch' calculation for the 'post' size resulted in a size that was too large, and could underflow to max uint32_t. This was fixed in commit 5d499272b95a6b890a1397e11d20937de000d31b.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | code not present |
| devel | released | 9.52~dfsg-1ubuntu2 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | not-affected | code not present |
| esm-infra/focal | released | 9.50~dfsg-5ubuntu4.1 |
| esm-infra/xenial | not-affected | code not present |
| focal | released | 9.50~dfsg-5ubuntu4.1 |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE |
Показывать по
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow overriding of file access controls. The 'rsearch' calculation for the 'post' size resulted in a size that was too large, and could underflow to max uint32_t. This was fixed in commit 5d499272b95a6b890a1397e11d20937de000d31b.
A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow overriding of file access controls. The 'rsearch' calculation for the 'post' size resulted in a size that was too large, and could underflow to max uint32_t. This was fixed in commit 5d499272b95a6b890a1397e11d20937de000d31b.
A memory corruption issue was found in Artifex Ghostscript 9.50 and 9. ...
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3