CVE-2023-46751

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 6, 2023

Updated: Dec 16, 2023

CWE ID 416

Summary

CVE-2023-46751 is a newly disclosed vulnerability affecting the Ghostscript software version 10.02.0 and below. This issue lies within the function gdev_prn_open_printer_seekable(), which enables remote attackers to trigger a crash by leveraging a dangling pointer. By exploiting this vulnerability, attackers can cause the application to crash, potentially leading to denial-of-service conditions or further security breaches. Users are strongly advised to update to a patched version of Ghostscript to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

GhostScript

Affected Vendors

Artifex

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/slkJwa
https://www.cve.org/CVERecord?id=CVE-2023-46751
https://nvd.nist.gov/vuln/detail/CVE-2023-46751

Back to Vulnerability Database