Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:43574
HistoryOct 08, 2023 - 3:12 a.m.

Buffer Overflow

2023-10-0803:12:09
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
vulnerable
buffer overflow
denial of service
arbitrary code
pdf
remote attacker
ghostscript

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

33.8%

ghostscript is vulnerable to Buffer Overflows. A buffer overflow vulnerability in the clj_media_size function in devices/gdevclj.c allows a remote attacker to cause a denial of service or potentially execute arbitrary code by opening a specially crafted PDF document.

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

33.8%