Artifex Software Ghostscript setsystemparams Procedure Security Bypass Vulnerability
A vulnerability in Artifex Software Ghostscript could allow an unauthenticated, remote attacker to access or modify data, execute arbitrary commands, or cause a denial of service (DoS) condition on an affected system.
The vulnerability exists because the setsystemparams procedure does not properly secure privileged calls. An attacker could exploit this vulnerability by executing a crafted PostScript file that submits malicious input to the affected system. A successful exploit could allow the attacker to access or modify data, execute arbitrary commands, or cause a DoS condition on the system.
Artifex Software has confirmed the vulnerability and released software updates.
Security Impact Rating: Critical