Heap-based Buffer Over-read in Artifex Ghostscript GhostXPS
CVE-2017-9740
7.8HIGH
What is CVE-2017-9740?
The xps_decode_font_char_imp function in the xps/xpsfont.c file of Artifex Ghostscript GhostXPS version 9.21 is vulnerable to a heap-based buffer over-read. Remote attackers can exploit this vulnerability by crafting malicious documents that trigger an application crash, potentially leading to a denial of service or other unspecified impacts.