PT-2017-18615 · Artifex · Artifex Ghostscript

Kamil Frankowicz

Published

2017-05-12

Updated

2017-11-29

CVE-2017-8908

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Artifex Ghostscript version 9.21

Description The issue allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PostScript document. This is due to a problem in the mark line tr function in gxscanc.c.

Recommendations For Artifex Ghostscript version 9.21, consider updating to a newer version that contains a fix for this issue, as no specific workaround is provided for this version.

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2017-8908

MGASA-2017-0430

Affected Products

Artifex Ghostscript

PT-2017-18615 · Artifex · Artifex Ghostscript

CVE-2017-8908

Weakness Enumeration

Related Identifiers

Affected Products

References · 10