Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER.
CVSS Information
N/A
Vulnerability Type
特权API的不正确使用
Vulnerability Title
Artifex Software Ghostscript 访问控制错误漏洞
Vulnerability Description
Artifex Software Ghostscript是美国Artifex Software公司的一款开源的PostScript(一种用于电子产业和桌面出版领域的页面描述语言和编程语言)解析器。该产品可显示Postscript文件以及在非Postscript打印机上打印Postscript文件。 Artifex Software Ghostscript中存在安全漏洞。攻击者可借助特制的PostScript文件利用该漏洞绕过-dSAFER限制,访问受限目录之外的文件系统。
CVSS Information
N/A
Vulnerability Type
N/A