Ghostscript 'base/gxht_thresh.c' Heap Buffer Overflow Vulnerability

Ghostscript is prone to a heap-based buffer-overflow vulnerability.

An attacker can exploit this issue to cause denial-of-service condition. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed.

Information

Bugtraq ID: 97410
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2016-10317

Remote: Yes
Local: No
Published: Apr 03 2017 12:00AM
Credit: Kamil Frankowicz
Vulnerable: Ghostscript Ghostscript 9.20

Not Vulnerable:

References:

• Ghostscript Homepage (Ghostscript)
  
• Bug 697459 - Heap buffer overflow in fill_threshhold_buffer() (ghostscript)
  

Source: www.securityfocus.com