CVE-2013-5653
ghostscript: getenv and filenameforall ignore -dSAFER
Severity Score
5.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted postscript file.
Las funciones getenv y filenameforall en Ghostscript 9.10 ignoran el argumento "-dSAFER", lo que permite a atacantes remotos leer datos a través de un archivo postcript manipulado.
It was found that the ghostscript functions getenv and filenameforall did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could read environment variable and list directory respectively, from the target.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2013-08-30 CVE Reserved
- 2017-01-04 CVE Published
- 2023-07-23 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/96497 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2016/09/29/28 | 2018-01-05 | |
| http://www.openwall.com/lists/oss-security/2016/09/29/5 | 2018-01-05 | |
| https://bugs.ghostscript.com/show_bug.cgi?id=694724 | 2018-01-05 | |
| https://bugs.ghostscript.com/show_bug.cgi?id=697169 | 2018-01-05 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1380327 | 2017-01-04 |
| URL | Date | SRC |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2017-0013.html | 2018-01-05 | |
| http://rhn.redhat.com/errata/RHSA-2017-0014.html | 2018-01-05 | |
| http://www.debian.org/security/2016/dsa-3691 | 2018-01-05 | |
| https://access.redhat.com/security/cve/CVE-2013-5653 | 2017-01-04 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Artifex Search vendor "Artifex" | Afpl Ghostscript Search vendor "Artifex" for product "Afpl Ghostscript" | 9.10 Search vendor "Artifex" for product "Afpl Ghostscript" and version "9.10" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0" | - |
Affected
| ||||||