mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-09 06:55:56 +02:00
0xMarcio
829 B
829 B
CVE-2019-10216
Description
In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas.
POC
Reference
No PoCs from references.