Ghostscript Type Confusion Arbitrary Command Execution (CVE-2017-8291)

An arbitrary code execution vulnerability exists within Ghostscript. This vulnerability is due to the way Ghostscript parses .eps files. An attacker can manipulate a .eps file and run arbitrary commands on the victims computer...

Fedora 25 : ghostscript (2017-c85c0e5637)

Security fixes release for these CVEs : - CVE-2016-10217 use-after-free and application crash - CVE-2016-10218 NULL pointer dereference and application crash - CVE-2016-10219 divide-by-zero error and application crash - CVE-2016-10220 NULL pointer dereference and application crash - CVE-2017-5951...

Debian DLA-932-1 : ghostscript security update

A vulnerability was discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may lead to the execution of arbitrary code or denial of service if a specially crafted Postscript file is processed. For Debian 7 'Wheezy', these problems have been fixed in version 9.05dfsg-6.3+deb7u6. We...

MGASA-2017-0133 Updated ghostscript packages fix security vulnerability

Various userparams in Ghostscript allow %pipe% in paths, allowing remote shell command execution CVE-2016-7976. The .libfile function in Ghostscript doesn't check PermitFileReading array, allowing remote file disclosure CVE-2016-7977. Reference leak in the .setdevice function in Ghostscript allow...

Updated ghostscript packages fix security vulnerability

Various userparams in Ghostscript allow %pipe% in paths, allowing remote shell command execution CVE-2016-7976. The .libfile function in Ghostscript doesn't check PermitFileReading array, allowing remote file disclosure CVE-2016-7977. Reference leak in the .setdevice function in Ghostscript allow...

[SECURITY] [DLA 932-1] ghostscript security update

Package : ghostscript Version : 9.05dfsg-6.3+deb7u6 CVE ID : CVE-2017-8291 Debian Bug : 861295 A vulnerability was discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may lead to the execution of arbitrary code or denial of service if a specially crafted Postscript file is...

[SECURITY] Fedora 25 Update: ghostscript-9.20-9.fc25

Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures the Ghostscript library, which implements the graphics capabilities in the PostScript language and an interpreter for Portable Document Format PDF files. Ghostscript translates PostScript code into many...

DLA-932-1 ghostscript - security update

Bulletin has no description...

Fedora Update for ghostscript FEDORA-2017-c85c0e5637

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[ASA-201705-3] ghostscript: arbitrary command execution

Arch Linux Security Advisory ASA-201705-3 ========================================= Severity: High Date : 2017-05-07 CVE-ID : CVE-2017-8291 Package : ghostscript Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-256 Summary ======= The package ghostscript...

Metasploit Weekly Wrapup

Ghost...what??? hdm recently provided a new exploit module for a type confusion vulnerability that exists in Ghostscript versions 9.21 and earlier, allowing remote code execution on the target. And to "kick it up a notch", this exploit got itself a snazzy logo which also contains the exploit:...

SUSE SLES11 Security Update : ghostscript-library (SUSE-SU-2017:1153-1)

This update for ghostscript fixes the following security vulnerability : - CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were exploited in the wild. bsc1036453 Note that Tenable Network Security has extracted the preceding description block directly fr...

SUSE-SU-2017:1153-1 Security update for ghostscript-library

This update for ghostscript fixes the following security vulnerability: CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were exploited in the wild. bsc1036453...

Ghostscript 9.21 Type Confusion Arbitrary Command Execution Exploit

This Metasploit module exploits a type confusion vulnerability in Ghostscript that can be exploited to obtain arbitrary command execution. This vulnerability affects Ghostscript versions 9.21 and earlier and can be exploited through libraries such as ImageMagick and Pillow. This module requires...

EulerOS 2.0 SP1 : ghostscript (EulerOS-SA-2016-1050)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually used when...

Ghostscript 9.21 Type Confusion Arbitrary Command Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ghostscript Type Confusion Arbitrary Command Execution', 'Description' = %q This module exploits a type confusion vulnerability in Ghostscript tha...

SUSE SLED12 / SLES12 Security Update : ghostscript (SUSE-SU-2017:1138-1)

This update for ghostscript fixes the following security vulnerabilities : - CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were exploited in the wild. bsc1036453 - CVE-2016-9601: An integer overflow in the bundled jbig2dec library could have been misus...

Debian DSA-3838-1 : ghostscript - security update

Several vulnerabilities were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may lead to the execution of arbitrary code or denial of service if a specially crafted Postscript file is processed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

Ubuntu: Security Advisory (USN-3272-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ghostscript remote code execution (CVE-2017-8291) (ghostbutt)

No description provided by source. %!PS-Adobe-3.0 EPSF-3.0 %%BoundingBox: -0 -0 100 100 /sizefrom 10000 def /sizestep 500 def /sizeto 65000 def /enlarge 1000 def %/bigarr 65000 array def 0 sizefrom sizestep sizeto pop 1 add for /buffercount exch def /buffersizes buffercount array def 0 sizefrom...