ID CVE-2016-8602
Summary The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack.
References
Vulnerable Configurations
  • cpe:2.3:a:artifex:ghostscript:-:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:8_64:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.00:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.01:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.02:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.04:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.05:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.06:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.07:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.09:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.10:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.14:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.15:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.16:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.18:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.19:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:ghostscript:9.20:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 05-01-2018 - 02:31)
Impact:
Exploitability:
CWE CWE-704
CAPEC
Access
  Vector: NETWORK
  Complexity: MEDIUM
  Authentication: NONE
Impact
  Confidentiality: PARTIAL
  Integrity: PARTIAL
  Availability: PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
redhat via4
advisories
  • bugzilla
    id 1383940
    title CVE-2016-8602 ghostscript: check for sufficient params in .sethalftone5
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 7 is installed
        oval oval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • comment ghostscript is earlier than 0:9.07-20.el7_3.1
            oval oval:com.redhat.rhsa:tst:20170013001
          • comment ghostscript is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20120095009
        • AND
          • comment ghostscript-cups is earlier than 0:9.07-20.el7_3.1
            oval oval:com.redhat.rhsa:tst:20170013003
          • comment ghostscript-cups is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20170013004
        • AND
          • comment ghostscript-devel is earlier than 0:9.07-20.el7_3.1
            oval oval:com.redhat.rhsa:tst:20170013005
          • comment ghostscript-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20120095011
        • AND
          • comment ghostscript-doc is earlier than 0:9.07-20.el7_3.1
            oval oval:com.redhat.rhsa:tst:20170013007
          • comment ghostscript-doc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20120095013
        • AND
          • comment ghostscript-gtk is earlier than 0:9.07-20.el7_3.1
            oval oval:com.redhat.rhsa:tst:20170013009
          • comment ghostscript-gtk is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20120095015
    rhsa
    id RHSA-2017:0013
    released 2017-01-04
    severity Moderate
    title RHSA-2017:0013: ghostscript security update (Moderate)
  • bugzilla
    id 1383940
    title CVE-2016-8602 ghostscript: check for sufficient params in .sethalftone5
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 6 is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • comment ghostscript is earlier than 0:8.70-21.el6_8.1
            oval oval:com.redhat.rhsa:tst:20170014001
          • comment ghostscript is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20120095009
        • AND
          • comment ghostscript-devel is earlier than 0:8.70-21.el6_8.1
            oval oval:com.redhat.rhsa:tst:20170014003
          • comment ghostscript-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20120095011
        • AND
          • comment ghostscript-doc is earlier than 0:8.70-21.el6_8.1
            oval oval:com.redhat.rhsa:tst:20170014005
          • comment ghostscript-doc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20120095013
        • AND
          • comment ghostscript-gtk is earlier than 0:8.70-21.el6_8.1
            oval oval:com.redhat.rhsa:tst:20170014007
          • comment ghostscript-gtk is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20120095015
    rhsa
    id RHSA-2017:0014
    released 2017-01-04
    severity Moderate
    title RHSA-2017:0014: ghostscript security update (Moderate)
rpms
  • ghostscript-0:9.07-20.el7_3.1
  • ghostscript-cups-0:9.07-20.el7_3.1
  • ghostscript-debuginfo-0:9.07-20.el7_3.1
  • ghostscript-devel-0:9.07-20.el7_3.1
  • ghostscript-doc-0:9.07-20.el7_3.1
  • ghostscript-gtk-0:9.07-20.el7_3.1
  • ghostscript-0:8.70-21.el6_8.1
  • ghostscript-debuginfo-0:8.70-21.el6_8.1
  • ghostscript-devel-0:8.70-21.el6_8.1
  • ghostscript-doc-0:8.70-21.el6_8.1
  • ghostscript-gtk-0:8.70-21.el6_8.1
refmap via4
bid 95311
confirm
debian DSA-3691
gentoo GLSA-201702-31
mlist [oss-security] 20161011 Re: CVE Request - multiple ghostscript -dSAFER sandbox problems
Last major update 05-01-2018 - 02:31
Published 14-04-2017 - 18:59
Last modified 05-01-2018 - 02:31