CVE-2016-7977
Published: May 23, 2017Last modified: November 9, 2023
Description
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 5.5 |
| Attack Vector | LOCAL |
| Attack complexity | LOW |
| Privileges required | NONE |
| User interaction | REQUIRED |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity impact | NONE |
| Availability impact | NONE |
| Vector | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | ghostscript | Not affected (10.01.2-r0) |
| Stream | ghostscript | Not affected (10.01.2-r0) |
References
- http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=8abd22010eb4db0fb1b10e430d5f5d83e015ef70
- http://rhn.redhat.com/errata/RHSA-2017-0013.html
- http://rhn.redhat.com/errata/RHSA-2017-0014.html
- http://www.debian.org/security/2016/dsa-3691
- http://www.openwall.com/lists/oss-security/2016/09/29/28
- http://www.openwall.com/lists/oss-security/2016/10/05/15
- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
- http://www.securityfocus.com/bid/95334
- https://bugs.ghostscript.com/show_bug.cgi?id=697169
- https://ghostscript.com/doc/9.21/History9.htm
- https://security.gentoo.org/glsa/201702-31