Published: 19/08/2022 Updated: 19/12/2023

CVSS v3 Base Score: 7.1 | Impact Score: 5.2 | Exploitability Score: 1.8

VMScore: 0

A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file. This flaw allows an malicious user to trick a user into opening a crafted PDF file, triggering the heap buffer overflow that could lead to memory corruption or a denial of service.

Vulnerable Product	Search on Vulmon	Subscribe to Product
artifex ghostscript
debian debian linux 10.0

Several security issues were fixed in Ghostscript ...

A heap-based buffer over write vulnerability was found in GhostScript's lp8000_print_page() function in gdevlp8kc file An attacker could trick a user to open a crafted PDF file, triggering the heap buffer overflow that could lead to memory corruption or a denial of service (CVE-2020-27792) ...

CWE-119 https://bugs.ghostscript.com/show_bug.cgi?id=701844 https://lists.debian.org/debian-lts-announce/2022/09/msg00005.html https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7 https://access.redhat.com/security/cve/CVE-2020-27792 https://bugzilla.redhat.com/show_bug.cgi?id=2247179 https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7 https://ubuntu.com/security/notices/USN-5643-1 https://nvd.nist.gov https://alas.aws.amazon.com/AL2/ALAS-2023-1947.html

CVE-2020-27792

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect