Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Linux :: Apps A-M :: lnx5403.htm

Ghostscript command execution vulnerability



5th Jun 2002 [SBWID-5403]
COMMAND

	Ghostscript command execution vulnerability

SYSTEMS AFFECTED

	versions prior to 6.53

PROBLEM

	In Red Hat Security Advisory RHSA-2002:083-22:
	

	Ghostscript is a program for displaying  PostScript  files  or  printing
	them to non-PostScript printers.
	

	An untrusted PostScript file can cause ghostscript to execute  arbitrary
	commands due to insufficient checking. Since ghostscript is  often  used
	during the course of printing a document (and is run  as  user  \'lp\'),
	all users should install these fixed packages.
	

	

SOLUTION

	The problem is fixed in the 6.53 source release of GNU Ghostscript


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH