Ghostscript 8.71 and earlier reads initialization files from the current working directory, which allows local users to execute arbitrary PostScript commands via a Trojan horse file, related to improper support for the -P- option to the gs program, as demonstrated using gs_init.ps, a different vulnerability than CVE-2010-4820.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Afpl_ghostscript | Artifex | 6.0 (including) | 6.0 (including) |
Afpl_ghostscript | Artifex | 6.01 (including) | 6.01 (including) |
Afpl_ghostscript | Artifex | 6.50 (including) | 6.50 (including) |
Afpl_ghostscript | Artifex | 7.00 (including) | 7.00 (including) |
Afpl_ghostscript | Artifex | 7.03 (including) | 7.03 (including) |
Afpl_ghostscript | Artifex | 7.04 (including) | 7.04 (including) |
Afpl_ghostscript | Artifex | 8.00 (including) | 8.00 (including) |
Afpl_ghostscript | Artifex | 8.11 (including) | 8.11 (including) |
Afpl_ghostscript | Artifex | 8.12 (including) | 8.12 (including) |
Afpl_ghostscript | Artifex | 8.13 (including) | 8.13 (including) |
Afpl_ghostscript | Artifex | 8.14 (including) | 8.14 (including) |
Afpl_ghostscript | Artifex | 8.50 (including) | 8.50 (including) |
Afpl_ghostscript | Artifex | 8.51 (including) | 8.51 (including) |
Afpl_ghostscript | Artifex | 8.52 (including) | 8.52 (including) |
Afpl_ghostscript | Artifex | 8.53 (including) | 8.53 (including) |
Afpl_ghostscript | Artifex | 8.54 (including) | 8.54 (including) |
Ghostscript_fonts | Artifex | 6.0 (including) | 6.0 (including) |
Ghostscript_fonts | Artifex | 8.11 (including) | 8.11 (including) |
Gpl_ghostscript | Artifex | * | 8.71 (including) |
Gpl_ghostscript | Artifex | 8.01 (including) | 8.01 (including) |
Gpl_ghostscript | Artifex | 8.15 (including) | 8.15 (including) |
Gpl_ghostscript | Artifex | 8.50 (including) | 8.50 (including) |
Gpl_ghostscript | Artifex | 8.51 (including) | 8.51 (including) |
Gpl_ghostscript | Artifex | 8.54 (including) | 8.54 (including) |
Gpl_ghostscript | Artifex | 8.56 (including) | 8.56 (including) |
Gpl_ghostscript | Artifex | 8.57 (including) | 8.57 (including) |
Gpl_ghostscript | Artifex | 8.60 (including) | 8.60 (including) |
Gpl_ghostscript | Artifex | 8.61 (including) | 8.61 (including) |
Gpl_ghostscript | Artifex | 8.62 (including) | 8.62 (including) |
Gpl_ghostscript | Artifex | 8.63 (including) | 8.63 (including) |
Gpl_ghostscript | Artifex | 8.64 (including) | 8.64 (including) |
Gpl_ghostscript | Artifex | 8.70 (including) | 8.70 (including) |