Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
GhostPCL gsmchunk.c chunk_free_object memory corruption
Vulnerability Description
A vulnerability classified as problematic was found in GhostPCL 9.55.0. This vulnerability affects the function chunk_free_object of the file gsmchunk.c. The manipulation with a malicious file leads to a memory corruption. The attack can be initiated remotely but requires user interaction. The exploit has been disclosed to the public as a POC and may be used. It is recommended to apply the patches to fix this issue.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Vulnerability Type
内存缓冲区边界内操作的限制不恰当
Vulnerability Title
Artifex Software Ghostscript 缓冲区错误漏洞
Vulnerability Description
Artifex Software Ghostscript是美国Artifex Software公司的一款开源的PostScript(一种用于电子产业和桌面出版领域的页面描述语言和编程语言)解析器。该产品可显示Postscript文件以及在非Postscript打印机上打印Postscript文件。 Artifex Software Ghostscript 9.55.0版本存在安全漏洞,该漏洞源于gsmchunk.c文件中函数 chunk_free_object,使用恶意文件进行操作会导致内存损坏。
CVSS Information
N/A
Vulnerability Type
N/A