ghostscript is vulnerable to remote code execution. It was found that ghostscript did not properly validate the parameters passed to the .rsdparams
and .eqproc
functions. During its execution, a specially crafted PostScript document could execute code in the context of the ghostscript process, bypassing the -dSAFER
protection.