CyberSec.Space Logo
Back to CVE Browser

CVE-2017-8291

Known Exploited (CISA KEV)HIGH
7.8
CVSS Severity Score
EPSS Score75.4840%
EPSS Percentile96.45th
PublishedApr 27, 2017
Last ModifiedApr 21, 2026

Vulnerability Description

Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017.

Affected Platforms (CPE)

πŸ“¦
Artifex

Ghostscript

< 9.21
πŸ’»
Debian

Debian Linux

= 8.0
πŸ’»
Redhat

Enterprise Linux Desktop

= 6.0
πŸ’»
Redhat

Enterprise Linux Desktop

= 7.0
πŸ’»
Redhat

Enterprise Linux Eus

= 7.3
πŸ’»
Redhat

Enterprise Linux Eus

= 7.4
πŸ’»
Redhat

Enterprise Linux Eus

= 7.5
πŸ’»
Redhat

Enterprise Linux Eus

= 7.6
πŸ’»
Redhat

Enterprise Linux Eus

= 7.7
πŸ’»
Redhat

Enterprise Linux Server

= 6.0
πŸ’»
Redhat

Enterprise Linux Server

= 7.0
πŸ’»
Redhat

Enterprise Linux Server Aus

= 7.3
πŸ’»
Redhat

Enterprise Linux Server Aus

= 7.4
πŸ’»
Redhat

Enterprise Linux Server Aus

= 7.6
πŸ’»
Redhat

Enterprise Linux Server Aus

= 7.7
πŸ’»
Redhat

Enterprise Linux Server Tus

= 7.3
πŸ’»
Redhat

Enterprise Linux Server Tus

= 7.6
πŸ’»
Redhat

Enterprise Linux Server Tus

= 7.7
πŸ’»
Redhat

Enterprise Linux Workstation

= 6.0
πŸ’»
Redhat

Enterprise Linux Workstation

= 7.0

References & Advisories

πŸ”— http://openwall.com/lists/oss-security/2017/04/28/2
πŸ”— http://www.debian.org/security/2017/dsa-3838
πŸ”— http://www.securityfocus.com/bid/98476
πŸ”— https://access.redhat.com/errata/RHSA-2017:1230
πŸ”— https://bugs.ghostscript.com/show_bug.cgi?id=697808
πŸ”— https://bugzilla.redhat.com/show_bug.cgi?id=1446063
πŸ”— https://bugzilla.suse.com/show_bug.cgi?id=1036453
πŸ”— https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=04b37bbce174eed24edec7ad5b920eb93db4d47d

Related Vulnerabilities

CVE-2021-37819.9

A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a speciall...

CVE-2020-159009.8

A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow over...

CVE-2019-148139.8

A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its p...

CVE-2020-276059.8

BigBlueButton through 2.2.28 uses Ghostscript for processing of uploaded EPS documents, and consequently may be subject to attacks...