Remote Code Injection Vulnerability in Ghostscript by Artifex
CVE-2018-17183

7.8HIGH

Key Information:

Vendor: Debian
Status: Debian Linux; Ubuntu Linux; Ghostscript
Vendor: CVE Published:; 19 September 2018

Summary

Artifex Ghostscript versions prior to 9.25 have a significant vulnerability that allows remote attackers to exploit a user-writable error exception table. By submitting specially crafted PostScript files, malicious users could overwrite or replace existing error handlers. This vulnerability facilitates potential code injection, raising concerns for the integrity and security of systems utilizing Ghostscript.