ID CVE-2016-8602
Summary The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack.
References
Vulnerable Configurations
  • cpe:2.3:a:artifex:ghostscript:8_64:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.00:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.01:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.02:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.04:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.05:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.06:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.07:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.09:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.10:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.14:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.15:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.16:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.18:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.19:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.20:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 05-01-2018 - 02:31)
Impact:
Exploitability:
CWE CWE-704
CAPEC
Access
Vector   Complexity  Authentication
NETWORK  MEDIUM      NONE
Impact
Confidentiality  Integrity  Availability
PARTIAL          PARTIAL    PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
redhat via4
advisories
  • bugzilla
    id 1383940
    title CVE-2016-8602 ghostscript: check for sufficient params in .sethalftone5
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhba:tst:20150364001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhba:tst:20150364002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhba:tst:20150364003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20150364004
    • OR
      • AND
        • comment ghostscript is earlier than 0:9.07-20.el7_3.1
          oval oval:com.redhat.rhsa:tst:20170013011
        • comment ghostscript is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20120095013
      • AND
        • comment ghostscript-cups is earlier than 0:9.07-20.el7_3.1
          oval oval:com.redhat.rhsa:tst:20170013009
        • comment ghostscript-cups is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20170013010
      • AND
        • comment ghostscript-devel is earlier than 0:9.07-20.el7_3.1
          oval oval:com.redhat.rhsa:tst:20170013007
        • comment ghostscript-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20120095017
      • AND
        • comment ghostscript-doc is earlier than 0:9.07-20.el7_3.1
          oval oval:com.redhat.rhsa:tst:20170013013
        • comment ghostscript-doc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20120095019
      • AND
        • comment ghostscript-gtk is earlier than 0:9.07-20.el7_3.1
          oval oval:com.redhat.rhsa:tst:20170013005
        • comment ghostscript-gtk is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20120095015
    rhsa
    id RHSA-2017:0013
    released 2017-01-04
    severity Moderate
    title RHSA-2017:0013: ghostscript security update (Moderate)
  • bugzilla
    id 1383940
    title CVE-2016-8602 ghostscript: check for sufficient params in .sethalftone5
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhba:tst:20111656001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhba:tst:20111656002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20111656004
    • OR
      • AND
        • comment ghostscript is earlier than 0:8.70-21.el6_8.1
          oval oval:com.redhat.rhsa:tst:20170014009
        • comment ghostscript is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20120095013
      • AND
        • comment ghostscript-devel is earlier than 0:8.70-21.el6_8.1
          oval oval:com.redhat.rhsa:tst:20170014005
        • comment ghostscript-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20120095017
      • AND
        • comment ghostscript-doc is earlier than 0:8.70-21.el6_8.1
          oval oval:com.redhat.rhsa:tst:20170014007
        • comment ghostscript-doc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20120095019
      • AND
        • comment ghostscript-gtk is earlier than 0:8.70-21.el6_8.1
          oval oval:com.redhat.rhsa:tst:20170014011
        • comment ghostscript-gtk is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20120095015
    rhsa
    id RHSA-2017:0014
    released 2017-01-04
    severity Moderate
    title RHSA-2017:0014: ghostscript security update (Moderate)
rpms
  • ghostscript-0:9.07-20.el7_3.1
  • ghostscript-cups-0:9.07-20.el7_3.1
  • ghostscript-devel-0:9.07-20.el7_3.1
  • ghostscript-doc-0:9.07-20.el7_3.1
  • ghostscript-gtk-0:9.07-20.el7_3.1
  • ghostscript-0:8.70-21.el6_8.1
  • ghostscript-devel-0:8.70-21.el6_8.1
  • ghostscript-doc-0:8.70-21.el6_8.1
  • ghostscript-gtk-0:8.70-21.el6_8.1
refmap via4
bid 95311
confirm
debian DSA-3691
gentoo GLSA-201702-31
mlist [oss-security] 20161011 Re: CVE Request - multiple ghostscript -dSAFER sandbox problems
Last major update 05-01-2018 - 02:31
Published 14-04-2017 - 18:59