CVSS2: 7.2 High
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Ghostscript is vulnerable to arbitrary code execution. Ghostscript always tried to read its system initialization files from the current working directory before checking other directories, even if a search path that did not contain the current working directory was specified with the “-I” option, or the “-P-” option was used (to prevent the current working directory from being searched first). If a user ran Ghostscript in an attacker-controlled directory containing a system initialization file, Ghostscript could execute the arbitrary PostScript code in that file.
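A defender-side pre-flight check for the behaviour described above, added here as an example and not taken from the advisory or from Ghostscript: it lists files in a directory whose names match Ghostscript initialization files and refuses to start `gs` there. The file-name patterns (`gs_*.ps`, `Fontmap`, `Fontmap.GS`, `cidfmap`) are an assumption based on a stock Ghostscript install, and the function names are hypothetical.

```sh
#!/bin/sh
# Added example, not Ghostscript or vendor code.
# Assumption: the patterns below are the init-file names of a stock
# Ghostscript install (gs_init.ps and the other gs_*.ps files, Fontmap,
# Fontmap.GS, cidfmap).

# Print every file directly inside directory $1 (default: .) whose name
# matches a Ghostscript initialization file.
gs_init_candidates() {
    dir=${1:-.}
    for f in "$dir"/gs_*.ps "$dir"/Fontmap "$dir"/Fontmap.GS "$dir"/cidfmap; do
        # An unmatched glob stays literal, so test for existence.
        # -L also reports dangling symlinks planted under these names.
        if [ -e "$f" ] || [ -L "$f" ]; then
            printf '%s\n' "$f"
        fi
    done
}

# Succeed only if directory $1 holds no candidate init files.
gs_cwd_is_clean() {
    [ -z "$(gs_init_candidates "${1:-.}")" ]
}

# Hypothetical wrapper: refuse to start gs when the current working
# directory contains candidate init files, otherwise run it unchanged.
gs_guarded() {
    found=$(gs_init_candidates .)
    if [ -n "$found" ]; then
        printf 'refusing to run gs here; init-style files present:\n%s\n' "$found" >&2
        return 1
    fi
    command gs "$@"
}
```

The check narrows exposure in shared or untrusted directories but races with anything that can write there afterwards, so it complements the vendor updates in the references and does not replace them.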
bugs.debian.org/cgi-bin/bugreport.cgi?bug=583183
bugs.debian.org/cgi-bin/bugreport.cgi?bug=583316
bugs.ghostscript.com/show_bug.cgi?id=691339
bugs.ghostscript.com/show_bug.cgi?id=691350
lists.fedoraproject.org/pipermail/package-announce/2010-July/043913.html
lists.fedoraproject.org/pipermail/package-announce/2010-July/043948.html
lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
savannah.gnu.org/forum/forum.php?forum_id=6368
secunia.com/advisories/40452
secunia.com/advisories/40475
secunia.com/advisories/40532
security.gentoo.org/glsa/glsa-201412-17.xml
www.osvdb.org/66247
www.securityfocus.com/archive/1/511433
www.securityfocus.com/archive/1/511472
www.securityfocus.com/archive/1/511474
www.securityfocus.com/archive/1/511476
www.vupen.com/english/advisories/2010/1757
access.redhat.com/errata/RHSA-2012:0095
access.redhat.com/security/updates/classification/#moderate
bugzilla.novell.com/show_bug.cgi?id=608071
bugzilla.redhat.com/show_bug.cgi?id=599564
rhn.redhat.com/errata/RHSA-2012-0095.html