Ghostscript GhostXPS CVE-2017-9727 Denial of Service Vulnerability

Ghostscript GhostXPS is prone to a denial-of-service vulnerability.

An attacker can exploit this issue to crash the affected application, denying service to legitimate users. Due to the nature of this issue, code execution may be possible but this has not been confirmed.

Ghostscript GhostXPS 9.22 is vulnerable; other versions may also be affected.

Information

Bugtraq ID: 99999
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2017-9727

Remote: Yes
Local: No
Published: Jun 14 2017 12:00AM
Updated: Jun 14 2017 12:00AM
Credit: Kim Gwan Yeong
Vulnerable: Redhat Enterprise Linux 7
Redhat Enterprise Linux 6
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Redhat Enterprise Linux 5
Artifex Ghostscript 9.22

Not Vulnerable:

Exploit

The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.

References:

• Bug 1475833 - (CVE-2017-9727) CVE-2017-9727 ghostscript: Heap-buffer over-read i (Red Hat)
  
• Bug 698056 - heap-buffer-overflow in gx_ttfReader__Read(base/gxttfb.c) (Ghostscript)
  
• CVE-2017-9727 (Red Hat)
  
• GhostXPS Homepage (Ghostscript)
  
• projects / ghostpdl.git / commit : Bug 698056: make bounds check in gx_ttfReader (Ghostscript)
  

Source: www.securityfocus.com