First published: Thu Aug 13 2020(Updated: )
A buffer overflow vulnerability in tiff12_print_page() in devices/gdevtfnx.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/ghostscript | <0:9.27-1.el8 | 0:9.27-1.el8 |
Artifex Ghostscript | <9.52 | |
Debian Debian Linux | =9.0 | |
Debian Debian Linux | =10.0 | |
Canonical Ubuntu Linux | =16.04 | |
Canonical Ubuntu Linux | =18.04 | |
Canonical Ubuntu Linux | =20.04 | |
redhat/ghostscript | <9.51 | 9.51 |
debian/ghostscript | 9.53.3~dfsg-7+deb11u7 10.0.0~dfsg-11+deb12u4 10.0.0~dfsg-11+deb12u5 10.04.0~dfsg-1 |
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=714e8995cd582d418276915cbbec3c70711fb19e
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-16300 is a buffer overflow vulnerability in Artifex Software GhostScript v9.50 that allows a remote attacker to cause a denial of service via a crafted PDF file.
The severity of CVE-2020-16300 is medium, with a severity value of 5.5.
You can fix CVE-2020-16300 by updating to version 9.51 of Artifex Software GhostScript.
You can find more information about CVE-2020-16300 at the following references: [link1], [link2], [link3].