Ghostscript GhostXPS is prone to a denial-of-service vulnerability.
An attacker can exploit this issue to crash the affected application, denying service to legitimate users. Due to the nature of this issue, code execution may be possible but this has not been confirmed.
Ghostscript GhostXPS 9.22 is vulnerable; other versions may also be affected.
Information
Redhat Enterprise Linux 6
Redhat Enterprise Linux 5
Artifex Ghostscript 9.22
Exploit
The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.
References:
- Bug 1475833 - (CVE-2017-9727) CVE-2017-9727 ghostscript: Heap-buffer over-read i (Red Hat)
- Bug 698056 - heap-buffer-overflow in gx_ttfReader__Read(base/gxttfb.c) (Ghostscript)
- CVE-2017-9727 (Red Hat)
- GhostXPS Homepage (Ghostscript)
- projects / ghostpdl.git / commit : Bug 698056: make bounds check in gx_ttfReader (Ghostscript)