Vulnerability & Exploit Database

Back to search

Red Hat: CVE-2017-8291: Important: ghostscript security update (RHSA-2017:1230)

Severity CVSS Published Added Modified
7 (AV:N/AC:M/Au:N/C:P/I:P/A:P) April 25, 2017 May 11, 2017 November 03, 2017

Description

Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

redhat-upgrade-ghostscript

Related Vulnerabilities