Vulnerabilities > CVE-2020-16304 - Out-of-bounds Write vulnerability in multiple products

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

NVD

Published: 2020-08-13

Updated: 2025-03-14

Summary

A buffer overflow vulnerability in image_render_color_thresh() in base/gxicolor.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51.

Vulnerable Configurations

Part	Description	Count
Application	Artifex Artifex Ghostscript 9.18 Artifex Ghostscript 9.19 Artifex Ghostscript 9.20 Artifex Ghostscript 9.21 Artifex Ghostscript 9.22 Artifex Ghostscript 9.23 Artifex Ghostscript 9.24 Artifex Ghostscript 9.25 Artifex Ghostscript 9.26 Artifex Ghostscript 9.27 Artifex Ghostscript 9.28 Artifex Ghostscript 9.50 Artifex Ghostscript 9.51 Artifex Ghostscript 9.52	15
OS	Debian Debian Debian Linux 9.0 Debian Debian Linux 10.0	2
OS	Canonical Canonical Ubuntu Linux 18.04 Canonical Ubuntu Linux 20.04 Canonical Ubuntu Linux 16.04	3

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References