Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-38560

An integer overflow flaw was found in pcl/pl/plfont.c:418 in pl_glyph_name in ghostscript. This issue may allow a local attacker to cause a denial of service via transforming a crafted PCL file to PDF format.

Published

2023-08-01T17:15:09.967

Last Modified

2024-11-21T08:13:49.903

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.5 (MEDIUM)

Weaknesses

Type: Secondary
CWE-190
Type: Primary
CWE-190

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	artifex	ghostscript	-	Yes

References

https://access.redhat.com/security/cve/CVE-2023-38560 Third Party Advisory ([email protected])
https://bugs.ghostscript.com/show_bug.cgi?id=706898 Permissions Required ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=2224368 Issue Tracking, Third Party Advisory ([email protected])
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=b7eb1d0174c Mailing List, Patch ([email protected])
https://access.redhat.com/security/cve/CVE-2023-38560 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://bugs.ghostscript.com/show_bug.cgi?id=706898 Permissions Required (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=2224368 Issue Tracking, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=b7eb1d0174c Mailing List, Patch (af854a3a-2127-422b-91ae-364da2661108)