CVE-2020-15900

Name of the Vulnerable Software and Affected Versions Artifex Ghostscript versions 9.50 through 9.52

Description A memory corruption issue was found in Artifex Ghostscript, allowing overriding of file access controls through the use of a non-standard PostScript operator. The rsearch calculation for the post size resulted in a size that was too large, and could underflow to max uint32 t. This issue can lead to modification of files and execution of arbitrary commands when opening specially crafted PostScript documents. The vulnerability can be exploited to gain access to files in the file system and execute arbitrary code in the system.

Recommendations For Artifex Ghostscript versions 9.50 through 9.52, update to a version that includes the fix for this issue, as committed in 5d499272b95a6b890a1397e11d20937de000d31b. As a temporary workaround, consider restricting the use of non-standard PostScript operators, such as rsearch, to minimize the risk of exploitation. Avoid opening specially crafted PostScript documents until the issue is resolved.