Heap-based Buffer Over-read in Artifex Ghostscript GhostXPS
CVE-2017-9727
7.8HIGH
What is CVE-2017-9727?
The gx_ttfReader__Read function in the Artifex Ghostscript GhostXPS product version 9.21 is susceptible to a heap-based buffer over-read vulnerability. This allows remote attackers to exploit this weakness by crafting a specific document that may lead to a denial of service, causing the application to crash. In some instances, this could result in additional impacts that have yet to be fully specified. Users and administrators are advised to review the provided resources for more details and implement necessary updates to mitigate this risk.