Call Us : +91-771045-0011 | +91-771045-0022

GhostScript Bug! Allowing Remote Access to Systems For BlackHats


Category : Latest Vulnerabilities and Cyber Threats

A suite named GhostScript which is based on an interpreter for the organizations like Adobe System PostScript and PDF page deion languages used by a huge amount of IT companies around the globe is found to be infected with a potential flaw in it. This flaw in the GhostScript is allowing the blackhats to have a remote access over the user’s system. The pounding news is that there is no defense or patch available which can be used if the exploit is executed.

This flaw was disclosed by TAVIS ORMANDY a security reacher at Google also a member of the Project Zero Security Team. He mentioned that this vulnerability is new therefore patch is to be developed. He also mentioned that no CVE ID is assigned yet to prevent it from being used.

GhostScript is an interpreter used by many organizations in developing software suites and code library which is further used in the development of desktop and server-based software. The common tools which are used in the industry are PostScripts and PDFs.

A lot of organizations is affected by this flaw including MNCs like RedHat, Ubuntu, Artifex software and ImageMagick. This flaw also affects the US-CERT. The number of companies which is affected can increase as GhostScript is the choice of the which is generally opted in the IT industry.

This vulnerability happened due to the GhostScript option ( -dSAFER ) which accidentally enabled unsafe activity application using GhostScript as an implementation of their code. This (-dSAFER) option is generally used to prevent developers from unsafe executions of PostScript.

While using the GhostScript to develop a file or directory can give a remote attacker the privileges to execute library commands and this will help an attacker to execute a malicious . A number of vulnerabilities found in GhostScript and no patch were found yet but some vulnerable function was shut down.

In order to prevent and protect the system against this vulnerability, the US-CERT is suggesting to disable some processes in the GhostScript.

It is mentioned that the exploit uses the PS, EPS, PDF and XPS coders by default in the policy.xml and there is also a big safety issue in the -dSAFER.

Contact Us


Request more information

suggested for you

Proudly Operated from India

© 2016 Copyrights. All Rights Reserved

Bootstrap Example

See more of Cyber Intelligence by logging in.
Connect with cyber security experts,Discover job opportunities,Online Training, Information Security Advisory and lot more.

Sign Up Log In