CVE-2022-1350

Published: Apr 14, 2022

Modified: Apr 15, 2025

PUBLISHED

CVSS v3.1

4.3

MEDIUM

Description

A vulnerability classified as problematic was found in GhostPCL 9.55.0. This vulnerability affects the function chunk_free_object of the file gsmchunk.c. The manipulation with a malicious file leads to a memory corruption. The attack can be initiated remotely but requires user interaction. The exploit has been disclosed to the public as a POC and may be used. It is recommended to apply the patches to fix this issue.

Vendor	Product	Versions
unspecified	GhostPCL	affected `9.55.0`

Weaknesses (CWE)

CWE-119

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

Low

References

https://bugs.ghostscript.com/show_bug.cgi?id=705156

x_refsource_MISC

https://bugs.ghostscript.com/attachment.cgi?id=22323

x_refsource_MISC

https://vuldb.com/?id.197290

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-1350

Description

Affected Products

Weaknesses (CWE)

CVSS v3.1 Details

References