CVE-2017-8291 ghostscript corruption of operand stack

CVE ID

CVE-2017-8291

DESCRIPTION

It was found that ghostscript did not properly validate the parameters passed
to the .rsdparams and .eqproc functions. During its execution, a specially
crafted PostScript document could execute code in the context of the
ghostscript process, bypassing the -dSAFER protection.

CVSS3 Base Score    7.3

RESOLUTION

Fixed in latest Unitrends security update with
   ghostscript-8.70-23.el6_9.2

LINK TO ADVISORIES

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Contact us