Security News > 2023 > July > Critical RCE found in popular Ghostscript open-source PDF library

Critical RCE found in popular Ghostscript open-source PDF library
2023-07-12 16:46

Ghostscript, an open-source interpreter for PostScript language and PDF files widely used in Linux, has been found vulnerable to a critical-severity remote code execution flaw.

The flaw is tracked as CVE-2023-3664, having a CVSS v3 rating of 9.8, and impacts all versions of Ghostscript before 10.01.2, which is the latest available version released three weeks ago.

When Ghostscript attempts to open a file, it uses another function called "Gp validate path" to check if its location is safe.

Since the vulnerable function changes the location details before that second function's check, it's trivial for an attacker to exploit the loophole and force Ghostscript to deal with files in locations that should be off-limits.

Kroll's analysts created a PoC that is triggered by opening an EPS file on any application using Ghostscript.

If the latest Ghostscript has not been made available yet on your distribution's software channels, it is recommended to compile it from the source code.


News URL

https://www.bleepingcomputer.com/news/security/critical-rce-found-in-popular-ghostscript-open-source-pdf-library/

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-09-25 CVE-2023-3664 Unspecified vulnerability in Fileorganizer 1.0.0/1.0.1/1.0.2
The FileOrganizer WordPress plugin through 1.0.2 does not restrict functionality on multisite instances, allowing site admins to gain full control over the server.
network
low complexity
fileorganizer
7.2
7.2