Denial of Service Vulnerability in Artifex Ghostscript GhostXPS Software
CVE-2017-9620
7.8HIGH
What is CVE-2017-9620?
The xps_select_font_encoding function in the xpsfont.c file of Artifex Ghostscript GhostXPS version 9.21 is susceptible to a denial of service vulnerability. This flaw allows remote attackers to exploit crafted documents, potentially leading to heap-based buffer over-reads and application crashes. The vulnerability is associated with the xps_encode_font_char_imp function, which can be triggered by specially designed inputs, potentially impacting system stability.