CVE-2017-8291

Name
CVE-2017-8291
Description
Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017.
NVD Severity
unknown
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Mailing List http://openwall.com/lists/oss-security/2017/04/28/2
Mailing List http://www.debian.org/security/2017/dsa-3838
Broken Link http://www.securityfocus.com/bid/98476
Third Party Advisory https://access.redhat.com/errata/RHSA-2017:1230
Issue Tracking https://bugs.ghostscript.com/show_bug.cgi?id=697808
Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=1446063
Exploit https://bugzilla.suse.com/show_bug.cgi?id=1036453
Broken Link https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=04b37bbce174eed24edec7ad5b920eb93db4d47d
Third Party Advisory https://security.gentoo.org/glsa/201708-06
Exploit https://www.exploit-db.com/exploits/41955/
134c704f-9b21-4f2e-91b3-4a467353bcc0 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-8291

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:artifex:ghostscript:*:*:*:*:*:*:*:* ghostscript >= None < 9.21

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
ghostscript edge-main 9.21-r2 None fixed
ghostscript 3.22-main 9.21-r2 None fixed
ghostscript 3.21-main 9.21-r2 None fixed
ghostscript 3.20-main 9.21-r2 None fixed
ghostscript 3.19-main 9.21-r2 None fixed
ghostscript 3.18-main 9.21-r2 None fixed
ghostscript 3.17-main 9.21-r2 None fixed
ghostscript 3.12-main 9.21-r2 None fixed
ghostscript 3.11-main 9.21-r2 None fixed
ghostscript 3.10-main 9.21-r2 None fixed