Vulnerability Details CVE-2016-10218
The pdf14_pop_transparency_group function in base/gdevp14.c in the PDF Transparency module in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.4%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 4.3
References
- http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=d621292fb2c8157d9899dcd83fd04dd250e30fe4
- https://bugs.ghostscript.com/show_bug.cgi?id=697444
- http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=d621292fb2c8157d9899dcd83fd04dd250e30fe4
- https://bugs.ghostscript.com/show_bug.cgi?id=697444
Products affected by CVE-2016-10218
-
cpe:2.3:a:artifex:ghostscript:9.20