{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-09-28T00:00:00", "descriptions": [{"lang": "en", "value": "Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-01-18T01:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "DSA-3691", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2016/dsa-3691"}, {"name": "95334", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/95334"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"}, {"name": "RHSA-2017:0013", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0013.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=8abd22010eb4db0fb1b10e430d5f5d83e015ef70"}, {"name": "[oss-security] 20160928 Re: ImageMagick identify \"d:\" hangs", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/09/29/28"}, {"name": "RHSA-2017:0014", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0014.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.ghostscript.com/show_bug.cgi?id=697169"}, {"name": "[oss-security] 20161005 Re: CVE Request - multiple ghostscript -dSAFER sandbox problems", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/10/05/15"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://ghostscript.com/doc/9.21/History9.htm"}, {"name": "GLSA-201702-31", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201702-31"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-7977", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "DSA-3691", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3691"}, {"name": "95334", "refsource": "BID", "url": "http://www.securityfocus.com/bid/95334"}, {"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"}, {"name": "RHSA-2017:0013", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0013.html"}, {"name": "http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=8abd22010eb4db0fb1b10e430d5f5d83e015ef70", "refsource": "CONFIRM", "url": "http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=8abd22010eb4db0fb1b10e430d5f5d83e015ef70"}, {"name": "[oss-security] 20160928 Re: ImageMagick identify \"d:\" hangs", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/09/29/28"}, {"name": "RHSA-2017:0014", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0014.html"}, {"name": "https://bugs.ghostscript.com/show_bug.cgi?id=697169", "refsource": "CONFIRM", "url": "https://bugs.ghostscript.com/show_bug.cgi?id=697169"}, {"name": "[oss-security] 20161005 Re: CVE Request - multiple ghostscript -dSAFER sandbox problems", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/10/05/15"}, {"name": "https://ghostscript.com/doc/9.21/History9.htm", "refsource": "CONFIRM", "url": "https://ghostscript.com/doc/9.21/History9.htm"}, {"name": "GLSA-201702-31", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201702-31"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T02:13:21.566Z"}, "title": "CVE Program Container", "references": [{"name": "DSA-3691", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2016/dsa-3691"}, {"name": "95334", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/95334"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"}, {"name": "RHSA-2017:0013", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0013.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=8abd22010eb4db0fb1b10e430d5f5d83e015ef70"}, {"name": "[oss-security] 20160928 Re: ImageMagick identify \"d:\" hangs", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2016/09/29/28"}, {"name": "RHSA-2017:0014", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0014.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugs.ghostscript.com/show_bug.cgi?id=697169"}, {"name": "[oss-security] 20161005 Re: CVE Request - multiple ghostscript -dSAFER sandbox problems", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2016/10/05/15"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://ghostscript.com/doc/9.21/History9.htm"}, {"name": "GLSA-201702-31", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201702-31"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-7977", "datePublished": "2017-05-23T03:56:00", "dateReserved": "2016-09-09T00:00:00", "dateUpdated": "2024-08-06T02:13:21.566Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:artifex:ghostscript:*:*:*:*:*:*:*:*", "matchCriteriaId": "9E3E6A8E-786F-4796-A27F-88FFCA10CBCC", "versionEndIncluding": "9.20", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document."}, {"lang": "es", "value": "Ghostscript anterior a la versi\u00f3n 9.21 podr\u00eda permitir que los atacantes remotos eludieran el mecanismo de protecci\u00f3n del modo SAFER y, en consecuencia, leyeran archivos arbitrarios mediante el uso del operador .libfile en un documento Postscript manipulado."}], "id": "CVE-2016-7977", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-05-23T04:29:01.523", "references": [{"source": "cve@mitre.org", "url": "http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=8abd22010eb4db0fb1b10e430d5f5d83e015ef70"}, {"source": "cve@mitre.org", "url": "http://rhn.redhat.com/errata/RHSA-2017-0013.html"}, {"source": "cve@mitre.org", "url": "http://rhn.redhat.com/errata/RHSA-2017-0014.html"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2016/dsa-3691"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Patch"], "url": "http://www.openwall.com/lists/oss-security/2016/09/29/28"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Patch"], "url": "http://www.openwall.com/lists/oss-security/2016/10/05/15"}, {"source": "cve@mitre.org", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/95334"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch"], "url": "https://bugs.ghostscript.com/show_bug.cgi?id=697169"}, {"source": "cve@mitre.org", "tags": ["Release Notes"], "url": "https://ghostscript.com/doc/9.21/History9.htm"}, {"source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201702-31"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=8abd22010eb4db0fb1b10e430d5f5d83e015ef70"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2017-0013.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2017-0014.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2016/dsa-3691"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch"], "url": "http://www.openwall.com/lists/oss-security/2016/09/29/28"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch"], "url": "http://www.openwall.com/lists/oss-security/2016/10/05/15"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/95334"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch"], "url": "https://bugs.ghostscript.com/show_bug.cgi?id=697169"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://ghostscript.com/doc/9.21/History9.htm"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201702-31"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2017:0014", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "ghostscript-0:8.70-21.el6_8.1", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2017-01-04T00:00:00Z"}, {"advisory": "RHSA-2017:0013", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "ghostscript-0:9.07-20.el7_3.1", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2017-01-04T00:00:00Z"}], "bugzilla": {"description": "ghostscript: .libfile does not honor -dSAFER", "id": "1380415", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1380415"}, "csaw": false, "cvss": {"cvss_base_score": "4.3", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "status": "verified"}, "cvss3": {"cvss3_base_score": "6.2", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "status": "verified"}, "details": ["Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document.", "It was found that ghostscript function .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could, in the context of the gs process, retrieve file content on the target machine."], "name": "CVE-2016-7977", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "ghostscript", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/a:redhat:openshift:2", "fix_state": "Will not fix", "package_name": "ghostscript", "product_name": "Red Hat OpenShift Enterprise 2"}], "public_date": "2016-09-28T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-7977\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-7977"], "threat_severity": "Moderate"}