1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: Ghostscript Arbitrary Command Upload

Attack: Ghostscript Arbitrary Command Upload

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects the attempts to execute arbitrary code in the context of the application or obtain potentially sensitive information. Failed exploits may result in denial-of-service conditions.

Additional Information

Ghostscript is a set of tools and libraries for handling Portable Document Format (PDF) and PostScript files.

Ghostscript is prone to multiple security-bypass vulnerabilities. Specifically, this issue occurs because postScript operations bypass the protections provided by -dSAFER. Successful exploits may allow an attackers to execute arbitrary commands with arbitrary arguments.

Successful exploits of these issues may allow remote attackers to execute arbitrary code in the context of the application or obtain potentially sensitive information. Failed exploits may result in denial-of-service conditions.

Affected

  • Various versions of ImageMagick, GIMP, GNOME, Ghostscript.

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube