CVE-2010-4820: Untrusted search path vulnerability in Ghostscript 8.62 allows local users to execute arbitrary PostScript code via a Trojan horse Postscript library file in…

medium4.4CVSS 3.1

AVLACMAuNCPIPAP

Untrusted search path vulnerability in Ghostscript 8.62 allows local users to execute arbitrary PostScript code via a Trojan horse Postscript library file in Encoding/ under the current working directory, a different vulnerability than CVE-2010-2055.

Affected

38 ranges· showing 25

Vendor	Product	Version range	Fixed in
artifex	afpl_ghostscript	—	—
artifex	afpl_ghostscript	—	—
artifex	afpl_ghostscript	—	—
artifex	afpl_ghostscript	—	—
artifex	afpl_ghostscript	—	—
artifex	afpl_ghostscript	—	—
artifex	afpl_ghostscript	—	—
artifex	afpl_ghostscript	—	—
artifex	afpl_ghostscript	—	—
artifex	afpl_ghostscript	—	—
artifex	afpl_ghostscript	—	—
artifex	afpl_ghostscript	—	—
artifex	afpl_ghostscript	—	—
artifex	afpl_ghostscript	—	—
artifex	afpl_ghostscript	—	—
artifex	afpl_ghostscript	—	—
artifex	ghostscript	>= 0 < 8.71~dfsg2-6.1	8.71~dfsg2-6.1
artifex	ghostscript	>= 0 < 8.71~dfsg2-6.1	8.71~dfsg2-6.1
artifex	ghostscript	>= 0 < 8.71~dfsg2-6.1	8.71~dfsg2-6.1
artifex	ghostscript	>= 0 < 8.71~dfsg2-6.1	8.71~dfsg2-6.1
artifex	ghostscript_fonts	—	—
artifex	ghostscript_fonts	—	—
artifex	gpl_ghostscript	<= 8.71	—
artifex	gpl_ghostscript	—	—
artifex	gpl_ghostscript	—	—

CVSS provenance

nvd7.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C

osv7.2HIGH