Vulnerability & Exploit Database

Back to search

Huawei EulerOS: CVE-2017-8291: Moderate: ghostscript security update

Severity CVSS Published Added Modified
7 (AV:N/AC:M/Au:N/C:P/I:P/A:P) April 25, 2017 November 29, 2017 November 30, 2017

Available Exploits 

Description

Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

huawei-euleros-2_0_sp1-upgrade-ghostscript

Related Vulnerabilities