7.8
CVSSv3

CVE-2016-10317

Published: 03/04/2017 Updated: 02/05/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

The fill_threshhold_buffer function in base/gxht_thresh.c in Artifex Software, Inc. Ghostscript 9.20 allows remote malicious users to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document.

Vendor Advisories

Several security issues were fixed in Ghostscript ...
Debian Bug report logs - #860869 ghostscript: CVE-2016-10317: Heap-buffer overflow in the fill_threshold_buffer function Package: src:ghostscript; Maintainer for src:ghostscript is Debian Printing Team <debian-printing@listsdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 21 Apr 2017 06:3 ...
Debian Bug report logs - #896069 ghostscript: CVE-2018-10194: Buffer overflow on pprintg1 due to mishandle postscript file data to pdf Package: src:ghostscript; Maintainer for src:ghostscript is Debian Printing Team <debian-printing@listsdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 19 ...