Executive Summary

Informations
NameCVE-2017-9620First vendor Publication2017-07-26
VendorCveLast vendor Modification2019-10-02

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score6.8Attack RangeNetwork
Cvss Impact Score6.4Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

The xps_select_font_encoding function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document, related to the xps_encode_font_char_imp function.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9620

CWE : Common Weakness Enumeration

%idName
100 %CWE-125Out-of-bounds Read

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1

Nessus® Vulnerability Scanner

DateDescription
2018-11-26Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201811-12.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/99990
CONFIRM http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=3ee55637480d5e319a5de04...
https://bugs.ghostscript.com/show_bug.cgi?id=698050
GENTOO https://security.gentoo.org/glsa/201811-12

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
DateInformations
2019-10-03 09:20:39
  • Multiple Updates
2019-04-18 21:19:03
  • Multiple Updates
2018-11-25 17:20:01
  • Multiple Updates
2017-08-07 21:23:10
  • Multiple Updates
2017-07-30 12:02:48
  • Multiple Updates
2017-07-29 12:05:49
  • Multiple Updates
2017-07-27 00:22:29
  • First insertion