2018
23.08
Ghostscript – Dangerous vulnerabilities in the PDF interpreter

The Ghostscript interpreter for processing PDF and PostScript files is vulnerable. Widely used software such as ImageMagick and GIMP relies on Ghostscript and thereby exposes systems to attack. It has since been confirmed that Ubuntu, for example, is susceptible, reports the CERT at Carnegie Mellon University. Its warning contains a list of affected software. So far there are no security patches. For a successful attack, a victim only needs to open an EPS, PDF, PostScript, or XPS document prepared by an attacker. An attacker could then bypass the security mechanisms of the optional -dSAFER option and execute code, explains Tavis Ormandy, who discovered the flaws, in a bug entry. He classifies the vulnerabilities as critical and comparatively easy to exploit. It is not known when security patches will appear. Anyone using Ghostscript should urgently disable the EPS, PDF, PS, and XPS coders in ImageMagick's policy.xml file, Ormandy advises.
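One way to verify that mitigation on a host, as an added example that is not part of the original article or of ImageMagick: the Python code below parses the text of a policy.xml and reports which of the four coders are still usable. The two sample policies are constructed, and the rule that a coder counts as blocked only when it is denied and never granted is a conservative assumption of this example.

```python
import fnmatch
import re
import xml.etree.ElementTree as ET

RISKY_CODERS = ("EPS", "PDF", "PS", "XPS")  # the coders the advice names

# Constructed sample policies (not copied from any distribution).
SAMPLE_PARTIAL = """<policymap>
  <policy domain="resource" name="memory" value="256MiB"/>
  <policy domain="coder" rights="none" pattern="PS"/>
  <policy domain="coder" rights="read|write" pattern="PDF"/>
</policymap>"""
SAMPLE_HARDENED = """<policymap>
  <policy domain="coder" rights="none" pattern="{PS,EPS,PDF,XPS}"/>
</policymap>"""


def expand_braces(pattern):
    """Expand {a,b} alternatives: '{PS,EPS}' -> ['PS', 'EPS']."""
    m = re.search(r"\{([^{}]*)\}", pattern)
    if not m:
        return [pattern]
    head, tail = pattern[:m.start()], pattern[m.end():]
    return [p for alt in m.group(1).split(",")
            for p in expand_braces(head + alt.strip() + tail)]


def audit_policy(xml_text, coders=RISKY_CODERS):
    """Map each coder to True (blocked) or False (still usable)."""
    denied, granted = set(), set()
    for policy in ET.fromstring(xml_text).iter("policy"):
        if policy.get("domain", "").lower() != "coder":
            continue
        rights = {r.strip().lower() for r in policy.get("rights", "").split("|")}
        globs = expand_braces(policy.get("pattern", ""))
        for coder in coders:
            if not any(fnmatch.fnmatchcase(coder, g) for g in globs):
                continue
            if rights & {"read", "write"}:
                granted.add(coder)   # an explicit grant counts as exposure
            elif "none" in rights:
                denied.add(coder)
    # Conservative assumption: blocked only if denied and never granted,
    # regardless of the order in which ImageMagick evaluates entries.
    return {c: c in denied and c not in granted for c in coders}


if __name__ == "__main__":
    for name, text in (("partial", SAMPLE_PARTIAL), ("hardened", SAMPLE_HARDENED)):
        open_coders = [c for c, ok in audit_policy(text).items() if not ok]
        print(name, "still allows:", open_coders or "none of the four")
```

To audit a real host, pass the contents of its policy.xml to `audit_policy`; the file's location varies by ImageMagick version and distribution.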
