Vulnerability details
Advisory: SB2017042603 - Remote command injection in Ghostscript
Vulnerable component: Ghostscript
CVE-ID: CVE-2017-8291
CVSSv3 score: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C
CWE-ID: CWE-704 - Incorrect Type Conversion or Cast (Type Conversion)
Description:
The vulnerability allows a remote unauthenticated attacker to execute arbitrary commands on a targeted system.
The weakness exists due to type confusion error when processing user-supplied parameters passed to the .rsdparams and .eqproc functions in ghostscript. A remote attacker can submit a specially crafted .eps document, execute code in the context of the ghostscript process and bypass -dSAFER protection.
Successful exploitation of the vulnerability may result in system compromise.
Note: this vulnerability is being exploited in the wild.
Public Exploits:
Latest references in media:
- Critical Sandbox Bypass Vulnerabilities in Ghostscript Interpreter Could Leave Many Software and Systems at Risk of Hacking [2018-08-22 10:30:05]
- No Patch Available Yet for New Major Vulnerability in Ghostscript Interpreter [2018-08-22 09:40:23]
- North Korean Hackers Prep Attacks Against Cryptocurrency Exchanges: Report [2018-01-16 20:01:34]
- SystemD wins top gong for 'lamest vendor' in Pwnie security awards [2017-07-28 22:50:02]
Vulnerability scanning SaaS service is online 3-rd generation vulnerability scanner with scheduled assessments and vulnerability subscription. You can use service to check security of your network perimeter.