CVE-2017-6196
published 2017-02-24CVE-2017-6196: Multiple use-after-free vulnerabilities in the gx_image_enum_begin function in base/gxipixel.c in Ghostscript before ecceafe3abba2714ef9b432035fe0739d9b1a283…
high7.8CVSS 3.0
AVLACLPRNUIRSUCHIHAH
Multiple use-after-free vulnerabilities in the gx_image_enum_begin function in base/gxipixel.c in Ghostscript before ecceafe3abba2714ef9b432035fe0739d9b1a283 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript document.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| artifex | afpl_ghostscript | <= 8452f9238959a4d518af365812bf031fe4d8d4b7 | — |
| artifex | ghostscript | >= 0 < 9.10~dfsg-0ubuntu10.6 | 9.10~dfsg-0ubuntu10.6 |
| artifex | ghostscript | >= 0 < 9.18~dfsg~0-0ubuntu2.3 | 9.18~dfsg~0-0ubuntu2.3 |
| debian | ghostscript | — | — |
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv7.8HIGH