In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Ghostscript | Artifex | * | 9.23 (including) |
Red Hat Enterprise Linux 7 | RedHat | ghostscript-0:9.07-31.el7_6.1 | * |
Ghostscript | Ubuntu | bionic | * |
Ghostscript | Ubuntu | devel | * |
Ghostscript | Ubuntu | trusty | * |
Ghostscript | Ubuntu | upstream | * |
Ghostscript | Ubuntu | xenial | * |