CVE-2018-16509 PoC — Artifex Ghostscript 安全漏洞

Source

https://github.com/knqyf263/CVE-2018-16509

Associated Vulnerability

Title:Artifex Ghostscript 安全漏洞 (CVE-2018-16509)
Description:Artifex Ghostscript是美国Artifex Software公司的一款开源的PostScript（一种用于电子产业和桌面出版领域的页面描述语言和编程语言）解析器，它可显示Postscript文件以及在非Postscript打印机上打印Postscript文件。 Artifex Ghostscript 9.24之前版本中存在安全漏洞，该漏洞源于在处理/invalidaccess异常时，程序没有正确的检测‘restoration of privilege（权限恢复）’。攻击者可通过提交特制的P

Description

CVE-2018-16509 (Ghostscript contains multiple -dSAFER sandbox bypass vulnerabilities)

Readme

# CVE-2018-16509
Ghostscript contains multiple -dSAFER sandbox bypass vulnerabilities

## Run

```
$ docker run -d --name cve-2018-16509 -p 9000:9000 cve-2018-16509
```

File Snapshot


 [4.0K]  /data/pocs/918379b3878180c36fffdb7a72de9732df8ff0e9
├── [ 390]  Dockerfile
├── [4.0K]  html
│   ├── [ 246]  index.html
│   └── [ 235]  resize.php
├── [1.0K]  LICENSE
└── [ 169]  README.md

1 directory, 5 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!