CVE-2016-7979

Priority
Description
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER
mode protection mechanism and consequently execute arbitrary code by
leveraging type confusion in .initialize_dsc_parser.
Notes
sbeattiereproducer in ghostscript bug report
Package
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [9.10~dfsg-0ubuntu10.5])
Ubuntu 16.04 LTS (Xenial Xerus):released (9.18~dfsg~0-0ubuntu2.2)
Patches:
Upstream:http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=875a0095f37626a721c7ff57d606a0f95af03913
More Information

Updated: 2020-01-29 19:56:45 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)