Published: 03/04/2017 Updated: 02/05/2018

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

The fill_threshhold_buffer function in base/gxht_thresh.c in Artifex Software, Inc. Ghostscript 9.20 allows remote malicious users to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document.

Vulnerable Product	Search on Vulmon	Subscribe to Product
artifex ghostscript 9.20

Several security issues were fixed in Ghostscript ...

Debian Bug report logs - #896069 ghostscript: CVE-2018-10194: Buffer overflow on pprintg1 due to mishandle postscript file data to pdf Package: src:ghostscript; Maintainer for src:ghostscript is Debian Printing Team <debian-printing@listsdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 19 ...

Debian Bug report logs - #860869 ghostscript: CVE-2016-10317: Heap-buffer overflow in the fill_threshold_buffer function Package: src:ghostscript; Maintainer for src:ghostscript is Debian Printing Team <debian-printing@listsdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 21 Apr 2017 06:3 ...

CWE-119 https://bugs.ghostscript.com/show_bug.cgi?id=697459 http://www.securityfocus.com/bid/97410 https://usn.ubuntu.com/3636-1/https://usn.ubuntu.com/3636-1/https://nvd.nist.gov

CVE-2016-10317

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect