CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2020-15900

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1060%
EPSS Percentile22.73th
Published2020年7月28日
Last Modified2024年11月21日

Vulnerability Description

A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow overriding of file access controls. The 'rsearch' calculation for the 'post' size resulted in a size that was too large, and could underflow to max uint32_t. This was fixed in commit 5d499272b95a6b890a1397e11d20937de000d31b.

Affected Platforms (CPE)

📦
Artifex

Ghostscript

= 9.50
📦
Artifex

Ghostscript

= 9.52
💻
Canonical

Ubuntu Linux

= 20.04
💻
Opensuse

Leap

= 15.1
💻
Opensuse

Leap

= 15.2

References & Advisories

🔗 http://git.ghostscript.com/?p=ghostpdl.git%3Ba=log
🔗 http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00004.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00006.html
🔗 https://artifex.com/security-advisories/CVE-2020-15900
🔗 https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=5d499272b95a6b890a1397e11d20937de000d31b
🔗 https://github.com/ArtifexSoftware/ghostpdl/commit/5d499272b95a6b890a1397e11d20937de000d31b
🔗 https://github.com/ArtifexSoftware/ghostpdl/commits/master/psi/zstring.c
🔗 https://security.gentoo.org/glsa/202008-20

相關漏洞威脅

CVE-2021-37819.9

A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a speciall...

CVE-2020-276059.8

BigBlueButton through 2.2.28 uses Ghostscript for processing of uploaded EPS documents, and consequently may be subject to attacks...

CVE-2019-148139.8

A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its p...

CVE-2020-367739.8

Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c (for txtwrite) becaus...