Your submission was sent successfully! Close

CVE-2017-7207

Published: 21 March 2017

The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PostScript document.

Priority

Low

CVSS 3 base score: 5.5

Status

Package Release Status
ghostscript
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was released [9.05~dfsg-0ubuntu4.5])
trusty Does not exist
(trusty was released [9.10~dfsg-0ubuntu10.7])
upstream Needs triage

xenial
Released (9.18~dfsg~0-0ubuntu2.4)
yakkety
Released (9.19~dfsg+1-0ubuntu6.4)
zesty
Released (9.19~dfsg+1-0ubuntu7.2)
Patches:
upstream: http://www.ghostscript.com/cgi-bin/findgit.cgi?309eca4e0a31ea70dcc844812691439312dad091