Description
An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer.
References (4)
Core 4
Core References
Permissions Required
https://bugs.ghostscript.com/show_bug.cgi?id=707264
Product
https://ghostscript.com/
Broken Link
https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=dcdbc595c13c9d11d235702dff46bb74c80f7698
Third Party Advisory vendor-advisory
https://www.debian.org/security/2023/dsa-5578
Scores
CVSS v3
7.5
EPSS
0.0011
EPSS Percentile
29.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-416
Status
published
Products (1)
artifex/ghostscript
< 10.02.0
Published
Dec 06, 2023
Tracked Since
Feb 18, 2026