Vulnerability identifier: #VU16073
Vulnerability risk: Low
CVSSv3.1: 5.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-843
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Ghostscript
Universal components / Libraries /
Libraries used by multiple products
GhostXPS
Universal components / Libraries /
Libraries used by multiple products
Vendor: Artifex Software, Inc.
Description
The vulnerability allows a remote attacker to bypass security restrictions on the target system.
The vulnerability exists due to a setcolorspace type confusion condition in the psi/zicc.c source code file. A remote unauthenticated attacker can trick the victim into accessing a PostScript file that submits malicious input to bypass the security access restrictions on the targeted system, which could be used to conduct further attacks.
Mitigation
Update to version 9.26.
Vulnerable software versions
Ghostscript: 9.00 - 9.25
GhostXPS: 9.21
External links
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=67d760ab775dae4efe803b5944b0439aa3c0b04a
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.