CVE-2020-36773

Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c (for txtwrite) because a single character code in a PDF document can map to more than one Unicode code point (e.g., for a ligature).
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:artifex:ghostscript:9.51:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.52:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.52.1:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.53.0:rc1:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.53.0:rc2:*:*:*:*:*:*

History

04 Mar 2024, 23:04

Type Values Removed Values Added
CPE cpe:2.3:a:artifex:ghostscript:*:*:*:*:*:*:*:* cpe:2.3:a:artifex:ghostscript:9.51:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.53.0:rc1:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.53.0:rc2:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.52:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.52.1:*:*:*:*:*:*:*

13 Feb 2024, 00:39

Type Values Removed Values Added
Summary
  • (es) Artifex Ghostscript anterior a 9.53.0 tiene una escritura y un use-after-free fuera de los límites en devices/vector/gdevtxtw.c (para txtwrite) porque un código de un solo carácter en un documento PDF se puede asignar a más de un punto de código Unicode. (por ejemplo, para una ligadura).
References () https://bugs.ghostscript.com/show_bug.cgi?id=702229 - () https://bugs.ghostscript.com/show_bug.cgi?id=702229 - Issue Tracking, Patch
References () https://bugzilla.opensuse.org/show_bug.cgi?id=1177922 - () https://bugzilla.opensuse.org/show_bug.cgi?id=1177922 - Issue Tracking
References () https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=8c7bd787defa071c96289b7da9397f673fddb874 - () https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=8c7bd787defa071c96289b7da9397f673fddb874 - Broken Link
References () https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/tag/gs9530 - () https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/tag/gs9530 - Release Notes
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
CWE CWE-787
CWE-416
First Time Artifex ghostscript
Artifex
CPE cpe:2.3:a:artifex:ghostscript:*:*:*:*:*:*:*:*

04 Feb 2024, 18:16

Type Values Removed Values Added
New CVE

Information

Published : 2024-02-04 18:16

Updated : 2024-03-04 23:04


NVD link : CVE-2020-36773

Mitre link : CVE-2020-36773

CVE.ORG link : CVE-2020-36773


JSON object : View

Products Affected

artifex

  • ghostscript
CWE
CWE-416

Use After Free

CWE-787

Out-of-bounds Write