CVE-2016-7976
published 2017-08-07CVE-2016-7976: The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams.
high8.8CVSS 3.0
AVNACLPRNUIRSUCHIHAH
The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| artifex | ghostscript | — | — |
| artifex | ghostscript | — | — |
| artifex | ghostscript | >= 0 < 9.19~dfsg-3.1 | 9.19~dfsg-3.1 |
| artifex | ghostscript | >= 0 < 9.19~dfsg-3.1 | 9.19~dfsg-3.1 |
| artifex | ghostscript | >= 0 < 9.19~dfsg-3.1 | 9.19~dfsg-3.1 |
| artifex | ghostscript | >= 0 < 9.19~dfsg-3.1 | 9.19~dfsg-3.1 |
| artifex | ghostscript | >= 0 < 9.10~dfsg-0ubuntu10.5 | 9.10~dfsg-0ubuntu10.5 |
| artifex | ghostscript | >= 0 < 9.18~dfsg~0-0ubuntu2.2 | 9.18~dfsg~0-0ubuntu2.2 |
| debian | ghostscript | < ghostscript 9.19~dfsg-3.1 (bookworm) | ghostscript 9.19~dfsg-3.1 (bookworm) |
CVSS provenance
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv8.8HIGH