Ghostscript access restriction bypass vulnerability


Ghostscript provided by Artifex Software Inc. contains an access restriction bypass vulnerability (CWE-284).

Hiroki MATSUKUMA of Cyber Defense Institute, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVSS Severity (What is CVSS?)

CVSS V3 Severity:
Base Metrics 7.8 (High) [IPA Score]
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
CVSS V2 Severity:
Base Metrics 6.8 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: Partial
Affected Products

Artifex Software
  • Ghostscript 9.27 and earlier

For more information about the products that are affected by this vulnerability, see Vendor Information and References.

By Ghostscript processing a specially crafted file, arbitrary command may be executed with the privilege of Ghostscript.

[Update the Software]
Update the software according to the information provided by the developer.
According to developer, this vulnerability was addressed in Ghostscript 9.50.
Vendor Information

Artifex Software Canonical Debian openSUSE project
CWE (What is CWE?)

  1. Permissions(CWE-264) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2019-14869

  1. JVN : JVN#52486659
  2. National Vulnerability Database (NVD) : CVE-2019-14869
  3. Related document : CVE-2019-14869 ghostscript: -dSAFER escape in .charkeys
Revision History

  • [2020/02/05]
      Web page was published
  • [2020/02/13]
      Affected Products : Contents were added
      Vendor Information : Contents were added