CVE-2020-15900
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow overriding of file access controls. The 'rsearch' calculation for the 'post' size resulted in a size that was too large, and could underflow to max uint32_t. This was fixed in commit 5d499272b95a6b890a1397e11d20937de000d31b.
Se encontró un problema de corrupción de memoria en Artifex Ghostscript versiones 9.50 y 9.52. El uso de un operador PostScript no estándar puede permitir la anulación de los controles de acceso de archivos. El cálculo de "rsearch" para el tamaño de "post" resultó en un tamaño que era demasiado grande y podría llegar a un máximo de uint32_t. Esto se corrigió en commit 5d499272b95a6b890a1397e11d20937de000d31b
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-07-22 CVE Reserved
- 2020-07-28 CVE Published
- 2024-08-04 CVE Updated
- 2024-11-21 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-191: Integer Underflow (Wrap or Wraparound)
- CWE-787: Out-of-bounds Write
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://git.ghostscript.com/?p=ghostpdl.git%3Ba=log | X_refsource_misc | |
| https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=5d499272b95a6b890a1397e11d20937de000d31b | X_refsource_misc |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://github.com/ArtifexSoftware/ghostpdl/commit/5d499272b95a6b890a1397e11d20937de000d31b | 2023-11-07 | |
| https://github.com/ArtifexSoftware/ghostpdl/commits/master/psi/zstring.c | 2023-11-07 |
| URL | Date | SRC |
|---|---|---|
| http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00004.html | 2023-11-07 | |
| http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00006.html | 2023-11-07 | |
| https://artifex.com/security-advisories/CVE-2020-15900 | 2023-11-07 | |
| https://security.gentoo.org/glsa/202008-20 | 2023-11-07 | |
| https://usn.ubuntu.com/4445-1 | 2023-11-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Artifex Search vendor "Artifex" | Ghostscript Search vendor "Artifex" for product "Ghostscript" | 9.50 Search vendor "Artifex" for product "Ghostscript" and version "9.50" | - |
Affected
| ||||||
| Artifex Search vendor "Artifex" | Ghostscript Search vendor "Artifex" for product "Ghostscript" | 9.52 Search vendor "Artifex" for product "Ghostscript" and version "9.52" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 20.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "20.04" | lts |
Affected
| ||||||
| Opensuse Search vendor "Opensuse" | Leap Search vendor "Opensuse" for product "Leap" | 15.1 Search vendor "Opensuse" for product "Leap" and version "15.1" | - |
Affected
| ||||||
| Opensuse Search vendor "Opensuse" | Leap Search vendor "Opensuse" for product "Leap" | 15.2 Search vendor "Opensuse" for product "Leap" and version "15.2" | - |
Affected
| ||||||