Ghostscript 8.71 and previous versions reads initialization files from the current working directory, which allows local users to execute arbitrary PostScript commands via a Trojan horse file, related to improper support for the -P- option to the gs program, as demonstrated using gs_init.ps, a different vulnerability than CVE-2010-4820.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
artifex afpl ghostscript 7.03 |
||
artifex afpl ghostscript 7.00 |
||
artifex afpl ghostscript 6.50 |
||
artifex afpl ghostscript 6.01 |
||
artifex gpl ghostscript 8.01 |
||
artifex ghostscript fonts 6.0 |
||
artifex gpl ghostscript 8.62 |
||
artifex gpl ghostscript 8.63 |
||
artifex afpl ghostscript 8.14 |
||
artifex afpl ghostscript 8.13 |
||
artifex afpl ghostscript 8.12 |
||
artifex afpl ghostscript 8.11 |
||
artifex gpl ghostscript 8.51 |
||
artifex gpl ghostscript 8.54 |
||
artifex afpl ghostscript 8.53 |
||
artifex afpl ghostscript 8.54 |
||
artifex gpl ghostscript |
||
artifex afpl ghostscript 7.04 |
||
artifex afpl ghostscript 6.0 |
||
artifex afpl ghostscript 8.52 |
||
artifex afpl ghostscript 8.50 |
||
artifex afpl ghostscript 8.00 |
||
artifex gpl ghostscript 8.50 |
||
artifex gpl ghostscript 8.61 |
||
artifex gpl ghostscript 8.57 |
||
artifex gpl ghostscript 8.64 |
||
artifex afpl ghostscript 8.51 |
||
artifex gpl ghostscript 8.15 |
||
artifex ghostscript fonts 8.11 |
||
artifex gpl ghostscript 8.60 |
||
artifex gpl ghostscript 8.56 |
||
artifex gpl ghostscript 8.70 |