Netanel Fisher discovered that the font handler in Ghostscript did not properly restrict privileged calls when '-dSAFER' restrictions were in effect. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files.
{ "availability": "No subscription required", "binaries": [ { "binary_version": "9.26~dfsg+0-0ubuntu0.16.04.10", "binary_name": "ghostscript" }, { "binary_version": "9.26~dfsg+0-0ubuntu0.16.04.10", "binary_name": "ghostscript-dbg" }, { "binary_version": "9.26~dfsg+0-0ubuntu0.16.04.10", "binary_name": "ghostscript-dbgsym" }, { "binary_version": "9.26~dfsg+0-0ubuntu0.16.04.10", "binary_name": "ghostscript-doc" }, { "binary_version": "9.26~dfsg+0-0ubuntu0.16.04.10", "binary_name": "ghostscript-x" }, { "binary_version": "9.26~dfsg+0-0ubuntu0.16.04.10", "binary_name": "ghostscript-x-dbgsym" }, { "binary_version": "9.26~dfsg+0-0ubuntu0.16.04.10", "binary_name": "libgs-dev" }, { "binary_version": "9.26~dfsg+0-0ubuntu0.16.04.10", "binary_name": "libgs-dev-dbgsym" }, { "binary_version": "9.26~dfsg+0-0ubuntu0.16.04.10", "binary_name": "libgs9" }, { "binary_version": "9.26~dfsg+0-0ubuntu0.16.04.10", "binary_name": "libgs9-common" }, { "binary_version": "9.26~dfsg+0-0ubuntu0.16.04.10", "binary_name": "libgs9-dbgsym" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "9.26~dfsg+0-0ubuntu0.18.04.10", "binary_name": "ghostscript" }, { "binary_version": "9.26~dfsg+0-0ubuntu0.18.04.10", "binary_name": "ghostscript-dbg" }, { "binary_version": "9.26~dfsg+0-0ubuntu0.18.04.10", "binary_name": "ghostscript-doc" }, { "binary_version": "9.26~dfsg+0-0ubuntu0.18.04.10", "binary_name": "ghostscript-x" }, { "binary_version": "9.26~dfsg+0-0ubuntu0.18.04.10", "binary_name": "libgs-dev" }, { "binary_version": "9.26~dfsg+0-0ubuntu0.18.04.10", "binary_name": "libgs9" }, { "binary_version": "9.26~dfsg+0-0ubuntu0.18.04.10", "binary_name": "libgs9-common" } ] }