Lucene search

K
ubuntuUbuntuUSN-6433-1
HistoryOct 17, 2023 - 12:00 a.m.

Ghostscript vulnerability

2023-10-1700:00:00
ubuntu.com
43
ghostscript
pdf
ubuntu
vulnerability
code execution

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.002

Percentile

58.7%

Releases

  • Ubuntu 23.10
  • Ubuntu 23.04
  • Ubuntu 22.04 LTS
  • Ubuntu 20.04 LTS

Packages

  • ghostscript - PostScript and PDF interpreter

Details

It was discovered that Ghostscript incorrectly handled certain PDF
documents. If a user or automated system were tricked into opening a
specially crafted PDF file, a remote attacker could use this issue to
execute arbitrary code.

OSVersionArchitecturePackageVersionFilename
Ubuntu23.10noarchghostscript< 10.01.2~dfsg1-0ubuntu2.1UNKNOWN
Ubuntu23.10noarchghostscript-dbgsym< 10.01.2~dfsg1-0ubuntu2.1UNKNOWN
Ubuntu23.10noarchghostscript-doc< 10.01.2~dfsg1-0ubuntu2.1UNKNOWN
Ubuntu23.10noarchghostscript-x< 10.01.2~dfsg1-0ubuntu2.1UNKNOWN
Ubuntu23.10noarchlibgs-common< 10.01.2~dfsg1-0ubuntu2.1UNKNOWN
Ubuntu23.10noarchlibgs-dev< 10.01.2~dfsg1-0ubuntu2.1UNKNOWN
Ubuntu23.10noarchlibgs10< 10.01.2~dfsg1-0ubuntu2.1UNKNOWN
Ubuntu23.10noarchlibgs10-common< 10.01.2~dfsg1-0ubuntu2.1UNKNOWN
Ubuntu23.10noarchlibgs10-dbgsym< 10.01.2~dfsg1-0ubuntu2.1UNKNOWN
Ubuntu23.10noarchlibgs9-common< 10.01.2~dfsg1-0ubuntu2.1UNKNOWN
Rows per page:
1-10 of 361

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.002

Percentile

58.7%