Rapid7 Vulnerability & Exploit Database

RHSA-2012:0095: ghostscript security update

Back to Search

RHSA-2012:0095: ghostscript security update



Ghostscript is a set of software that provides a PostScript interpreter, aset of C procedures (the Ghostscript library, which implements the graphicscapabilities in the PostScript language) and an interpreter for PortableDocument Format (PDF) files.An integer overflow flaw was found in Ghostscript's TrueType bytecodeinterpreter. An attacker could create a specially-crafted PostScript or PDFfile that, when interpreted, could cause Ghostscript to crash or,potentially, execute arbitrary code. (CVE-2009-3743)It was found that Ghostscript always tried to read Ghostscript systeminitialization files from the current working directory before checkingother directories, even if a search path that did not contain the currentworking directory was specified with the "-I" option, or the "-P-" optionwas used (to prevent the current working directory being searched first).If a user ran Ghostscript in an attacker-controlled directory containing asystem initialization file, it could cause Ghostscript to execute arbitraryPostScript code. (CVE-2010-2055)Ghostscript included the current working directory in its library searchpath by default. If a user ran Ghostscript without the "-P-" option in anattacker-controlled directory containing a specially-crafted PostScriptlibrary file, it could cause Ghostscript to execute arbitrary PostScriptcode. With this update, Ghostscript no longer searches the current workingdirectory for library files by default. (CVE-2010-4820)Note: The fix for CVE-2010-4820 could possibly break existingconfigurations. To use the previous, vulnerable behavior, run Ghostscriptwith the "-P" option (to always search the current working directoryfirst).A flaw was found in the way Ghostscript interpreted PostScript Type 1 andPostScript Type 2 font files. An attacker could create a specially-craftedPostScript Type 1 or PostScript Type 2 font file that, when interpreted,could cause Ghostscript to crash or, potentially, execute arbitrary code.(CVE-2010-4054)Users of Ghostscript are advised to upgrade to these updated packages,which contain backported patches to correct these issues.


  • redhat-upgrade-ghostscript
  • redhat-upgrade-ghostscript-debuginfo
  • redhat-upgrade-ghostscript-devel
  • redhat-upgrade-ghostscript-doc
  • redhat-upgrade-ghostscript-gtk

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center