CVE-2016-7979

Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code…

mitre·CWE-704·Published 2017-05-23

CVSS

—

EPSS

0.06

KEV

Exploits

cve.orgen

194 chars

Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initialize_dsc_parser.

NVDen

194 chars

Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initialize_dsc_parser.

NVDes

267 chars

Ghostscript versiones anteriores a 9.21 podría permitir que los atacantes remotos pasaran por alto el mecanismo de protección del modo SAFER y, en consecuencia, ejecutar código arbitrario mediante el aprovechamiento de la confusión de tipos en .initialize_dsc_parser.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.0	Primary	NVD	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H