CVE-2019-10216

Published: 11/27/2019 Last updated: 8/4/2024 Reserved: 3/27/2019

In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Metrics

Version	Score	Severity	Vector String
3.0	7.3	High	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Opam packages affected (1)

conf-ghostscript

Products affected (1)

Product	Vendor	Version
ghostscript	ghostscript	versions prior to v.1.2.8 and versions prior to v.2.2.8

References (6)

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10216
http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=5b85ddd19
https://security.gentoo.org/glsa/202004-03
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10216
http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=5b85ddd19
https://security.gentoo.org/glsa/202004-03