HTTP: Artifex Ghostscript PostScript Handling s_xBCPE_process Buffer Overflow

This signature detects attempts to exploit a known vulnerability in the Artifex Ghostscript PostScript interpreter. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the application.

Extended Description

In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are written.
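The off-by-one described above, as an added illustration in C. This is not Ghostscript's code: bcp_encode, guard_survives, the strict flag and the sample input are hypothetical names and constructed data, and the set of escaped control bytes is the BCP quoting set as assumed here. With strict=0 the encoder only checks for one free byte before emitting a two-byte escape; with strict=1 it checks for both.

```c
#include <stddef.h>
#include <string.h>

#define BCP_ESC 0x01  /* Ctrl-A introduces an escaped byte in BCP */

/* Control bytes assumed to need quoting in BCP: ^A ^C ^D ^E ^Q ^S ^T ^\ */
static int needs_escape(unsigned char c) {
    return c == 0x01 || c == 0x03 || c == 0x04 || c == 0x05 ||
           c == 0x11 || c == 0x13 || c == 0x14 || c == 0x1c;
}

/* Encode in[0..n) into out[0..cap). Returns bytes written; *used gets
 * the number of input bytes consumed. strict=0 reproduces the flawed
 * check (room for one byte is treated as enough); strict=1 requires
 * room for the whole two-byte escape before writing any of it. */
static size_t bcp_encode(const unsigned char *in, size_t n,
                         unsigned char *out, size_t cap,
                         int strict, size_t *used) {
    size_t r = 0, w = 0;
    while (r < n) {
        unsigned char c = in[r];
        size_t need = (strict && needs_escape(c)) ? 2 : 1;
        if (w + need > cap)
            break;                  /* output full: caller drains, retries */
        if (needs_escape(c)) {
            out[w++] = BCP_ESC;
            out[w++] = (unsigned char)(c ^ 0x40); /* flawed path hits out[cap] */
        } else {
            out[w++] = c;
        }
        r++;
    }
    *used = r;
    return w;
}

/* Constructed demo: 4-byte output buffer followed by one guard byte. */
int guard_survives(int strict) {
    const unsigned char in[] = { 'a', 'b', 'c', 0x04, 'd' };
    unsigned char buf[5];           /* buf[4] is the guard, not output space */
    size_t used;
    memset(buf, 0xEE, sizeof buf);
    bcp_encode(in, sizeof in, buf, 4, strict, &used);
    return buf[4] == 0xEE;          /* 1 if nothing was written past cap */
}

int main(void) { return guard_survives(1) && !guard_survives(0) ? 0 : 1; }
```

In the strict case the encoder stops with the escaped byte unconsumed, so the caller can flush the output buffer and resume from that byte.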

Affected Products

Debian debian_linux

Short Name: HTTP:OVERFLOW:ARTEFX-POSTSCRPT
Severity: Major
Recommended: False
Recommended Action: None
Category: HTTP
Keywords: Artifex Buffer CVE-2023-28879 Ghostscript Handling Overflow PostScript s_xBCPE_process
Release Date: 05/09/2023
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3596
False Positive: Rarely
Vendors

Debian

Artifex
