In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas.

In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas.

In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas.

In ghostscript before version 9.50, the .buildfont1 procedure did not ...

Security update for ghostscript

Security update for ghostscript

Security update for ghostscript

Security update for ghostscript

It was found that the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas.

ELSA-2019-2465: ghostscript security update (IMPORTANT)

ELSA-2019-2462: ghostscript security update (IMPORTANT)

Уязвимость процедуры .buildfont1 программы конвертирования файлов формата PostScript Ghostscript, позволяющая нарушителю повысить свои привилегии и получить доступ к файловой системе