Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2019-6116 PoC — Artifex Software Ghostscript 输入验证错误漏洞

Source
https://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/GhostScript%20%E6%B2%99%E7%AE%B1%E7%BB%95%E8%BF%87%EF%BC%88%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%EF%BC%89%E6%BC%8F%E6%B4%9E%20CVE-2019-6116.md
Associated Vulnerability
Title:Artifex Software Ghostscript 输入验证错误漏洞 (CVE-2019-6116)
Description:Artifex Software Ghostscript是美国Artifex Software公司的一款开源的PostScript(一种用于电子产业和桌面出版领域的页面描述语言和编程语言)解析器。该产品可显示Postscript文件以及在非Postscript打印机上打印Postscript文件。 Artifex Software Ghostscript 9.26版本中存在输入验证错误漏洞。该漏洞源于网络系统或产品未对输入的数据进行正确的验证。
File Snapshot

 # GhostScript 沙箱绕过(命令执行)漏洞 CVE-2019-6116

## 漏洞描述

2019年1月23日晚,Artifex官方在ghostscriptf的master分支上提交合并了

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.