QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2010-2055

Back to search

CVE-2010-2055

Published: Jul 22, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

Ghostscript 8.71 and earlier reads initialization files from the current working directory, which allows local users to execute arbitrary PostScript commands via a Trojan horse file, related to improper support for the -P- option to the gs program, as demonstrated using gs_init.ps, a different vulnerability than CVE-2010-4820.

VendorProductVersions

n/a

n/a

affected
n/a

References

66247
vdb-entry
x_refsource_OSVDB
40532
third-party-advisory
x_refsource_SECUNIA
RHSA-2012:0095
vendor-advisory
x_refsource_REDHAT
GLSA-201412-17
vendor-advisory
x_refsource_GENTOO
ADV-2010-1757
vdb-entry
x_refsource_VUPEN
FEDORA-2010-10642
vendor-advisory
x_refsource_FEDORA
40452
third-party-advisory
x_refsource_SECUNIA
SUSE-SR:2010:014
vendor-advisory
x_refsource_SUSE
40475
third-party-advisory
x_refsource_SECUNIA
FEDORA-2010-10660
vendor-advisory
x_refsource_FEDORA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now
CVE-2010-2055 - Security Vulnerability | QwikSec