CVE-2017-14947

Published: Sep 30, 2017Modified: May 13, 2026

7.8

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Artifex GSView 6.0 Beta on Windows allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "Read Access Violation on Block Data Move starting at mupdfnet64!mIncrementalSaveFile+0x0000000000193359."

Affected (1)

Products: Artifex: Gsview

1 product

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Artifex Gsview	Version 6.0 beta

Running on/with	Platform Versions
Microsoft Windows	All versions

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (2)

https://bugs.ghostscript.com/show_bug.cgi?id=698551

Source: cve@mitre.org

ExploitIssue TrackingThird Party Advisory

https://bugs.ghostscript.com/show_bug.cgi?id=698551

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue TrackingThird Party Advisory

Timeline

No history available yet.