CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
A vulnerability in the interpreter of the software suite for processing, transforming, and generating
Ghostscript documents is related to errors in relative directory path handling. Exploitation
of the vulnerability could allow an attacker acting remotely to execute arbitrary code using a
specially generated PostScript file
Vulnerability in the afqkf psi/zmisc1.c file of the Ghostscript document processing, conversion and
generation of Ghostscript documents is related to incorrect input data validation. Exploitation
of the vulnerability could allow a remote attacker to execute arbitrary code.
Vulnerability in the base/gpmisc.c file of the Ghostscript document processing, conversion and generation software suite is related to incorrect input data validation.
Ghostscript documents is related to incorrect input data validation. Exploitation of the vulnerability could
allow a remote attacker to execute arbitrary code
Vulnerability in the interpreter of the Ghostscript processing, conversion and generation software suite is related to the output of the Ghostscript document processing, conversion and generation software.
Ghostscript document processing, conversion and generation software set interpreter vulnerability is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability
could allow an attacker to escape from an isolated program environment
Vulnerability in the contrib/opvp/gdevopvp.c component of the interpreter of the software set for processing, conversion and generation of Ghostscript documents is related to operation out of memory buffer boundaries.
processing, conversion and generation of Ghostscript documents exists due to insufficient verification of the
of input data. Exploitation of the vulnerability could allow an attacker acting remotely to execute
arbitrary code using a specially generated PostScript file
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
redos | 7.3 | x86_64 | ghostscript | < 9.52-10 | UNKNOWN |