[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#839845: ghostscript: reference leak in .setdevice allows use-after-free and remote code execution



Source: ghostscript
Version: 9.19~dfsg-3
Severity: grave
Tags: security upstream
Forwarded: http://bugs.ghostscript.com/show_bug.cgi?id=697179

Hi

See:

Upstream bug: http://bugs.ghostscript.com/show_bug.cgi?id=697179
Reproducer: http://bugs.ghostscript.com/show_bug.cgi?id=697179#c0
Patch: http://git.ghostscript.com/?p=user/chrisl/ghostpdl.git;a=commitdiff;h=d5ad1e02
CVE Request: http://www.openwall.com/lists/oss-security/2016/10/05/7

Regards,
Salvatore


Reply to: