CVE-2018-16510

Name of the Vulnerable Software and Affected Versions Artifex Ghostscript versions prior to 9.24

Description An issue in Artifex Ghostscript allows remote attackers to supply crafted PDFs, potentially crashing the interpreter or having other unspecified impacts. The vulnerability is caused by incorrect exec stack handling in the "CS" and "SC" PDF primitives and a buffer overflow in memory, which could allow an attacker to impact the confidentiality, integrity, and availability of protected information using a specially crafted PDF file.

Recommendations For versions prior to 9.24, update to version 9.24 or later to resolve the issue. As a temporary workaround, consider restricting the use of the "CS" and "SC" PDF primitives until a patch is available. Avoid processing untrusted or specially crafted PDF files with affected versions of Artifex Ghostscript.