Lucene search

K
ubuntucveUbuntu.comUB:CVE-2023-46751
HistoryDec 07, 2023 - 12:00 a.m.

CVE-2023-46751

2023-12-0700:00:00
ubuntu.com
ubuntu.com
10
cve-2023-46751
application crash
remote attack
dangling pointer
issue
artifex ghostscript
security vulnerability
unix

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

38.8%

An issue was discovered in the function gdev_prn_open_printer_seekable() in
Artifex Ghostscript through 10.02.0 allows remote attackers to crash the
application via a dangling pointer.

Bugs

Notes

Author Note
mdeslaur introduced by: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=e1a3956f252404f07d93be47f7845b23e4a2c4de
OSVersionArchitecturePackageVersionFilename
ubuntu22.04noarchghostscript< 9.55.0~dfsg1-0ubuntu5.6UNKNOWN
ubuntu23.04noarchghostscript< 10.0.0~dfsg1-0ubuntu1.5UNKNOWN
ubuntu23.10noarchghostscript< 10.01.2~dfsg1-0ubuntu2.2UNKNOWN
ubuntu24.04noarchghostscript< 10.02.1~dfsg1-0ubuntu1UNKNOWN

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

38.8%