ghostscript: forceput in DefineResource is still accessible (700576)

It was found that the forceput operator could be extracted from the DefineResource method. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER...

The vulnerability of the DefineResource method in the Ghostscript file conversion program allows a attacker to escalate their privileges.

The vulnerability of the DefineResource method in the Ghostscript file conversion program is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor, operating remotely, to increase their privileges...

ghostscript: forceput in DefineResource is still accessible (700576)

It was found that the forceput operator could be extracted from the DefineResource method. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER...

UBUNTU-CVE-2019-3838

It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER...