Ghostscript GhostXPS CVE-2017-9611 Heap Buffer Overflow Vulnerability

Ghostscript GhostXPS is prone to a heap-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker can exploit this issue to cause denial-of-service condition. Due to the nature of this issue, code execution may be possible but this has not been confirmed.

Artifex Ghostscript GhostXPS 9.22 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus