Vulnerability & Exploit Database

Back to search

CentOS: (CVE-2017-8291) CESA-2017:1230: ghostscript

Severity CVSS Published Added Modified
7 (AV:N/AC:M/Au:N/C:P/I:P/A:P) April 25, 2017 May 18, 2017 November 03, 2017

Description

Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

centos-upgrade-ghostscript

Related Vulnerabilities