[Secure-testing-team] Bug#860869: ghostscript: CVE-2016-10317: Heap-buffer overflow in the fill_threshold_buffer function
Salvatore Bonaccorso
carnil at debian.org
Fri Apr 21 06:32:16 UTC 2017
Source: ghostscript
Version: 9.20~dfsg-3
Severity: important
Tags: upstream security
Forwarded: https://bugs.ghostscript.com/show_bug.cgi?id=697459
Hi,
the following vulnerability was published for ghostscript.
CVE-2016-10317[0]:
| The fill_threshhold_buffer function in base/gxht_thresh.c in Artifex
| Software, Inc. Ghostscript 9.20 allows remote attackers to cause a
| denial of service (heap-based buffer overflow and application crash) or
| possibly have unspecified other impact via a crafted PostScript
| document.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2016-10317
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10317
[1] https://bugs.ghostscript.com/show_bug.cgi?id=697459
The reproducer is not yet public available, and the severity should
probably be increased due to the heap buffer overflow. But we can
ammend once more details public.
Regards,
Salvatore
More information about the Secure-testing-team
mailing list