Local Code Execution Vulnerability in Ghostscript by Artifex Software
CVE-2010-2055

Currently unrated

Key Information:

Vendor

Artifex
Status
Gpl Ghostscript
Afpl Ghostscript
Ghostscript Fonts
Vendor
CVE Published:
22 July 2010

What is CVE-2010-2055?

Ghostscript versions 8.71 and earlier contain a vulnerability that allows local users to execute arbitrary PostScript commands through the manipulation of initialization files. This occurs because the software reads initialization files from the current working directory without proper validation, particularly in conjunction with the -P- option. This flaw can be exploited to run malicious PostScript commands using specially crafted files, posing a risk to system integrity and security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.osvdb.org/66247
vdb-entryx_refsource_OSVDB
http://secunia.com/advisories/40532
third-party-advisoryx_refsource_SECUNIA
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=583183
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.