Artifex Ghostscript prior to 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c (for txtwrite) because a single character code in a PDF document can map to more than one Unicode code point (e.g., for a ligature).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
artifex ghostscript 9.52 |
||
artifex ghostscript 9.53.0 |
||
artifex ghostscript 9.52.1 |
||
artifex ghostscript 9.51 |