CVE-2020-36773

2024-02-0418:16:00

Google

osv.dev

cve-2020-36773

pdf document

unicode code point

ligature

software

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.1 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

26.1%

JSON

Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c (for txtwrite) because a single character code in a PDF document can map to more than one Unicode code point (e.g., for a ligature).

CPENameOperatorVersion
ghostpdl-downloadseqgs922rc1
ghostpdl-downloadseq9.27rc1
ghostpdl-downloadseqghostpdl-9.51rc2
ghostpdl-downloadseqgs921
ghostpdl-downloadseqgs922
ghostpdl-downloadseqgs926
ghostpdl-downloadseqgs923rc1
ghostpdl-downloadseqgs925rc1
ghostpdl-downloadseqgs920rc1
ghostpdl-downloadseqgs928rc3

Name	Operator	Version
ghostpdl-downloads	eq	gs922rc1
ghostpdl-downloads	eq	9.27rc1
ghostpdl-downloads	eq	ghostpdl-9.51rc2
ghostpdl-downloads	eq	gs921
ghostpdl-downloads	eq	gs922
ghostpdl-downloads	eq	gs926
ghostpdl-downloads	eq	gs923rc1
ghostpdl-downloads	eq	gs925rc1
ghostpdl-downloads	eq	gs920rc1
ghostpdl-downloads	eq	gs928rc3