Vulnerability Details CVE-2017-5951
The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 75.3%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 4.3
References
- http://www.debian.org/security/2017/dsa-3838
- http://www.securityfocus.com/bid/98665
- https://bugs.ghostscript.com/show_bug.cgi?id=697548
- https://security.gentoo.org/glsa/201708-06
- http://www.debian.org/security/2017/dsa-3838
- http://www.securityfocus.com/bid/98665
- https://bugs.ghostscript.com/show_bug.cgi?id=697548
- https://security.gentoo.org/glsa/201708-06
Products affected by CVE-2017-5951
-
cpe:2.3:a:artifex:ghostscript:9.20