CVE-2023-43115

Severity

98%

Complexity

39%

Confidentiality

98%

In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. NOTE: it is a documented risk that the IJS server can be specified on a gs command line (the IJS device inherently must execute a command to start the IJS server).

CVSS 3.1 Base Score 9.8. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Overview

First reported 1 year ago

2023-09-18 08:15:00

Last updated 1 year ago

2023-11-07 04:21:00

Affected Software

Artifex Ghostscript

References

https://bugs.ghostscript.com/show_bug.cgi?id=707051

https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=e59216049cac290fb437a04c4f41ea46826cfba5

https://ghostscript.com/

https://bugs.ghostscript.com/show_bug.cgi?id=707051

Permissions Required

https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=e59216049cac290fb437a04c4f41ea46826cfba5

Mailing List, Patch

https://ghostscript.com/

Product

FEDORA-2023-66d60c3df7

FEDORA-2023-c2665a9ff3

https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=e59216049cac290fb437a04c4f41ea46826cfba5

FEDORA-2023-66d60c3df7

FEDORA-2023-c2665a9ff3

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.