Ghostscript bug could allow rogue documents to run system commands (Security News, July 2023)
Ghostscript is a free and open-source implementation of Adobe's widely-used PostScript page description language and of its even-more-widely-used PDF (Portable Document Format) file format.
Loosely put, Ghostscript reads in PostScript program code, which describes how to construct the pages in a document, and converts it, or renders it, into a format more suitable for displaying or printing, such as raw pixel data or a PNG graphics file. Because PostScript is a full programming language, rendering an untrusted document means running untrusted code inside the Ghostscript interpreter, which is why the interpreter restricts what that code may do with files, devices and the operating system (the restrictions behind the -dSAFER option).
Until the latest release of Ghostscript, now at version 10.01.2, the product had a bug, dubbed CVE-2023-36664, that could allow a rogue document not only to create pages of text and graphics, but also to smuggle system commands into the Ghostscript rendering engine and trick the software into running them.
Pipes, as you will know if you've ever done any programming or script writing, are system objects that pretend to be files, in that you can write to them as you would to disk, or read data in from them, using regular system functions such as read() and write() on Unix-type systems, or ReadFile() and WriteFile() on Windows. Ghostscript exposes pipes to PostScript code through its %pipe% device (the | character is accepted as a shorthand prefix), so that "opening a file" whose name is %pipe%command actually starts command and connects its input and output to the file handle. A document is only supposed to be able to do that when Ghostscript's permission check says so, and it is that check for pipe devices, covering both prefix spellings, that the bug undermined.
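As an added illustration, not code from the article or from Ghostscript itself, the following Python model shows both halves of the paragraph above: an anonymous OS pipe that is written and read with plain read()/write()-style calls, and a file-open routine that, like Ghostscript's pipe device, treats a name carrying a %pipe% or | prefix as a command to run rather than a file to read. The prefix spellings come from the CVE description; the permitted command (UPPER_CMD) and the sample file are constructed for the demo, and the allowlist check, which compares the complete, unmodified command text, is a general design rule rather than a description of Ghostscript's internal code.

```python
import os
import shlex
import subprocess
import sys
import tempfile

# The two spellings Ghostscript accepts for its pipe device; "|" is the short form.
PIPE_PREFIXES = ("%pipe%", "|")

# Constructed, harmless command for the demo: upper-case whatever arrives on stdin.
# Assumption: the current interpreter can be started as a child process.
UPPER_CMD = (shlex.quote(sys.executable)
             + " -c \"import sys; sys.stdout.write(sys.stdin.read().upper())\"")


def parse_device(name):
    """Split a device name into ('pipe', command) or ('file', path)."""
    for prefix in PIPE_PREFIXES:
        if name.startswith(prefix):
            return "pipe", name[len(prefix):]
    return "file", name


def open_device(name, permitted_commands, data=b""):
    """Open *name* the way a pipe-aware file layer would.

    A plain path is read and its bytes returned. A pipe spec starts the
    named command, feeds it *data* on stdin and returns its stdout. The
    permission check compares the exact command text against the
    allowlist: nothing is stripped, normalised or "simplified" first,
    and both prefix spellings go through the same check.
    """
    kind, target = parse_device(name)
    if kind == "file":
        with open(target, "rb") as fh:
            return fh.read()
    if target not in permitted_commands:
        raise PermissionError(f"pipe command not permitted: {target!r}")
    proc = subprocess.run(shlex.split(target), input=data,
                          capture_output=True, check=True)
    return proc.stdout


def pipe_roundtrip(payload):
    """An anonymous OS pipe: written like a file, read back like a file."""
    rfd, wfd = os.pipe()
    os.write(wfd, payload)
    os.close(wfd)            # closing the write end gives the reader an EOF
    chunks = []
    while True:
        chunk = os.read(rfd, 4096)
        if not chunk:
            break
        chunks.append(chunk)
    os.close(rfd)
    return b"".join(chunks)


def demo():
    """Exercise every path once; returns the results so they can be checked."""
    results = {"pipe_roundtrip": pipe_roundtrip(b"hello, pipe")}

    # Constructed sample file standing in for an ordinary document resource.
    with tempfile.NamedTemporaryFile("wb", delete=False) as tmp:
        tmp.write(b"plain file contents")
        path = tmp.name
    try:
        results["file"] = open_device(path, permitted_commands=set())
    finally:
        os.unlink(path)

    allow = {UPPER_CMD}
    results["%pipe%"] = open_device("%pipe%" + UPPER_CMD, allow, data=b"abc")
    results["|"] = open_device("|" + UPPER_CMD, allow, data=b"abc")

    # A command that is not exactly on the allowlist must be refused, however
    # closely it resembles one that is.
    try:
        open_device("%pipe%" + UPPER_CMD + " --extra", allow)
        results["denied"] = False
    except PermissionError:
        results["denied"] = True
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key:15} {value!r}")
```

Run it directly to see the five results; the point to take away is that once a file-open routine accepts a pipe spec, the permission check on that spec is the only thing standing between "render a document" and "run a command", so it has to see exactly the string that will be executed.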
If you run Ghostscript directly, make sure you are on 10.01.2 or later (gs --version prints the installed version). If you have software that comes with a bundled version of Ghostscript, the copy you patched on the command line may not be the one that software uses, so check with the provider for details on upgrading the Ghostscript component.
Ask yourself, as the Ghostscript team did, "Where else could a similar sort of coding blunder have happened, and what other tricks could be used to trigger the bug we already know about?"
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK (CVSS)
---|---|---|---
2023-06-25 | CVE-2023-36664 | Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the \| pipe character prefix). | 7.8