CVE-2016-9601

Published: Apr 24, 2018Modified: Nov 21, 2024

5.5

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a JBIG2 image. A document (PostScript or PDF) with an embedded, specially crafted, jbig2 image could trigger a segmentation fault in ghostscript.

Affected (4)

Products: Artifex: Gpl Ghostscript, Jbig2dec · Debian: Debian Linux

2 products

Gpl Ghostscript

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Artifex Gpl Ghostscript	Before 9.21

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Artifex Jbig2dec	Up to 0.13
Debian Debian Linux	Version 8.0
Debian Debian Linux	Version 9.0

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

References (12)

http://git.ghostscript.com/?p=jbig2dec.git%3Ba=commit%3Bh=e698d5c11d27212aa1098bc5b1673a3378563092

Source: secalert@redhat.com

http://www.securityfocus.com/bid/97095

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

https://bugs.ghostscript.com/show_bug.cgi?id=697457

Source: secalert@redhat.com

Issue TrackingThird Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9601

Source: secalert@redhat.com

Issue TrackingThird Party Advisory

https://security.gentoo.org/glsa/201706-24

Source: secalert@redhat.com

Third Party Advisory

https://www.debian.org/security/2017/dsa-3817

Source: secalert@redhat.com

Third Party Advisory

http://git.ghostscript.com/?p=jbig2dec.git%3Ba=commit%3Bh=e698d5c11d27212aa1098bc5b1673a3378563092

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/97095

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://bugs.ghostscript.com/show_bug.cgi?id=697457

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingThird Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9601

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingThird Party Advisory

https://security.gentoo.org/glsa/201706-24

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.debian.org/security/2017/dsa-3817

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.