CVE-2023-28879

Description from NVD

In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are written.

Information Acquisition Date:2023-04-13T15:03Z

CVSS 2.0: 0.0 None CVSS 3.x: 9.8 CRITICAL

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector (AV)	Network	Adjacent	Local	Physical
Attack Complexity (AC)	LOW	High
Privileges Required (PR)	None	Low	High
User Interaction (UI)	None	Required
Scope (S)	Unchange	Change
Confidentiality (C)	None	Low	High
Integrity (I)	None	Low	High
Availability (A)	None	Low	High

NVD References

https://bugs.ghostscript.com/show_bug.cgi?id=706494
source:MISC
tags:Exploit Vendor Advisory

https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=37ed5022cecd584de868933b5b60da2e995b3179
source:MISC
tags:Patch

https://ghostscript.readthedocs.io/en/latest/News.html
source:MISC
tags:Release Notes

[debian-lts-announce] 20230404 [SECURITY] [DLA 3381-1] ghostscript security update
source:MLIST
tags:Mailing List Third Party Advisory

DSA-5383
source:DEBIAN
tags:Third Party Advisory

FEDORA-2023-f51bc947bb
source:FEDORA
tags:

[oss-security] 20230412 Ghostscript CVE-2023-28879: "Shell in the Ghost"
source:MLIST
tags:

Refer to Information on External Sites

CVE Infomation	Exploits or more Infomation
mitre	EXPLOIT DATABASE
NVD	0day.today
vulmon.com	github
CVE Details	Twitter
JVN ENG JPN
Reconshell

Software Tag: Linux(3 tweets) Windows(1 tweets)

List of frequently cited URLs

URL	Num of Times Referred to
https://offsec.almond.consulting/ghostscript-cve-2023-28879...	24
https://twitter.com/AlmondOffSec/status/1645785869432004611	5

▼ Show Information from Twitter(74)

User	URL	Info Source	Date
CVEreport	https://cve.report/CVE-2023-28879	Source CVEreport 1641849703229685784	2023/04/01
threatintelctr	https://nvd.nist.gov/vuln/detail/CVE-2023-28879	Source threatintelctr 1641854600767471650	2023/04/01
CVEnew	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28879	Source CVEnew 1641862991883690000	2023/04/01
WolfgangSesin	http://www.sesin.at	Source WolfgangSesin 1641863160129806346	2023/04/01
WolfgangSesin	https://www.sesin.at/2023/03/31/cve-2023-28879-artifex-ghos...	Source WolfgangSesin 1641863160129806346	2023/04/01
www_sesin_at	http://www.sesin.at	Source www_sesin_at 1641863165561405442	2023/04/01
www_sesin_at	https://www.sesin.at/2023/03/31/cve-2023-28879-artifex-ghos...	Source www_sesin_at 1641863165561405442	2023/04/01
WolfgangSesin	http://www.sesin.at	Source WolfgangSesin 1641870541068853251	2023/04/01
WolfgangSesin	https://www.sesin.at/2023/03/31/cve-2023-28879	Source WolfgangSesin 1641870541068853251	2023/04/01
www_sesin_at	http://www.sesin.at	Source www_sesin_at 1641870543166005261	2023/04/01
www_sesin_at	https://www.sesin.at/2023/03/31/cve-2023-28879	Source www_sesin_at 1641870543166005261	2023/04/01
VulmonFeeds	http://vulmon.com/vulnerabilitydetails?qid=CVE-2023-28879	Source VulmonFeeds 1641875931764514821	2023/04/01
vulnonym	None	Source vulnonym 1641913237619765250	2023/04/01
sidfm_jp	https://sid.softek.jp/content/show/45607	Source sidfm_jp 1642768922050174977	2023/04/03
threatintelctr	https://nvd.nist.gov/vuln/detail/CVE-2023-28879	Source threatintelctr 1643364549305810945	2023/04/05
threatintelctr	https://nvd.nist.gov/vuln/detail/CVE-2023-28879	Source threatintelctr 1643832635595030529	2023/04/06
threatintelctr	https://nvd.nist.gov/vuln/detail/CVE-2023-28879	Source threatintelctr 1644527212157173761	2023/04/08
WolfgangSesin	http://www.sesin.at	Source WolfgangSesin 1644954599017553926	2023/04/09
WolfgangSesin	https://www.sesin.at/2023/04/09/cve-2023-28879-debian_linux...	Source WolfgangSesin 1644954599017553926	2023/04/09
www_sesin_at	http://www.sesin.at	Source www_sesin_at 1644954601018339329	2023/04/09
www_sesin_at	https://www.sesin.at/2023/04/09/cve-2023-28879-debian_linux...	Source www_sesin_at 1644954601018339329	2023/04/09
AlmondOffSec	https://offsec.almond.consulting/ghostscript-cve-2023-28879...	Source AlmondOffSec 1645785869432004611	2023/04/11
AlmondOffSec	https://twitter.com/AlmondOffSec/status/1645785869432004611...	Source AlmondOffSec 1645785869432004611	2023/04/11
ipssignatures	https://twitter.com/search?src=sprv&q=CVE-2023-28879	Source ipssignatures 1645820004925939712	2023/04/12
ipssignatures	https://twitter.com/AlmondOffSec/status/1645785869432004611	Source ipssignatures 1645820005819244545	2023/04/12
Dinosn	https://offsec.almond.consulting/ghostscript-cve-2023-28879...	Source Dinosn 1645857020266917888	2023/04/12
Tinolle	https://offsec.almond.consulting/ghostscript-cve-2023-28879...	Source Tinolle 1645869102123356161	2023/04/12
betterhn20	https://offsec.almond.consulting/ghostscript-cve-2023-28879...	Source betterhn20 1645976843718209537	2023/04/12
betterhn20	https://news.ycombinator.com/item?id=35529444	Source betterhn20 1645976843718209537	2023/04/12
top3cve	https://twitter.com/twitter/statuses/1644522054102974464	Source top3cve 1645978532554612737	2023/04/12
top3cve	https://twitter.com/twitter/statuses/1645908691550457856	Source top3cve 1645978532554612737	2023/04/12
top3cve	https://twitter.com/twitter/statuses/1644059917966364695	Source top3cve 1645978532554612737	2023/04/12
ksg93rd	https://offsec.almond.consulting/ghostscript-cve-2023-28879...	Source ksg93rd 1645986788266192896	2023/04/12
threatintelctr	https://nvd.nist.gov/vuln/detail/CVE-2023-28879	Source threatintelctr 1645991876359495681	2023/04/12
ipssignatures	https://twitter.com/AlmondOffSec/status/1645785869432004611	Source ipssignatures 1646002208960401408	2023/04/12
ipssignatures	https://twitter.com/Dinosn/status/1645857020266917888	Source ipssignatures 1646031898131456002	2023/04/12
cyber_advising	https://offsec.almond.consulting/ghostscript-cve-2023-28879...	Source cyber_advising 1646048854729433091	2023/04/12
cyber_advising	https://twitter.com/cyber_advising/status/16460488547294330...	Source cyber_advising 1646048854729433091	2023/04/12
VessOnSecurity	https://offsec.almond.consulting/ghostscript-cve-2023-28879...	Source VessOnSecurity 1646056512685502465	2023/04/12
PentestingN	https://offsec.almond.consulting/ghostscript-cve-2023-28879...	Source PentestingN 1646064990128947200	2023/04/12
jedisct1	https://offsec.almond.consulting/ghostscript-cve-2023-28879...	Source jedisct1 1646102870142377984	2023/04/12
momika233	https://offsec.almond.consulting/ghostscript-cve-2023-28879...	Source momika233 1646103786874888192	2023/04/12
ipssignatures	https://twitter.com/AlmondOffSec/status/1645785869432004611	Source ipssignatures 1646123005985320960	2023/04/12
autumn_good_35	https://offsec.almond.consulting/ghostscript-cve-2023-28879...	Source autumn_good_35 1646135105826721793	2023/04/12
autumn_good_35	https://twitter.com/autumn_good_35/status/16461351058267217...	Source autumn_good_35 1646135105826721793	2023/04/12
IT_news_for_all	https://offsec.almond.consulting/ghostscript-cve-2023-28879...	Source IT_news_for_all 1646154632379416583	2023/04/12
IT_news_for_all	https://t.me/s/it_news_for_all/71546	Source IT_news_for_all 1646154632379416583	2023/04/12
IT_news_for_all	https://offsec.almond.consulting/ghostscript-cve-2023-28879...	Source IT_news_for_all 1646154770523070468	2023/04/12
IT_news_for_all	https://t.me/s/it_news_for_all/71547	Source IT_news_for_all 1646154770523070468	2023/04/12
IT_news_for_all	https://offsec.almond.consulting/ghostscript-cve-2023-28879...	Source IT_news_for_all 1646154844439183366	2023/04/12
IT_news_for_all	https://t.me/s/it_news_for_all/71548	Source IT_news_for_all 1646154844439183366	2023/04/12
_r_netsec	https://offsec.almond.consulting/ghostscript-cve-2023-28879...	Source _r_netsec 1646162029017743361	2023/04/12
luiscosio	https://offsec.almond.consulting/ghostscript-cve-2023-28879...	Source luiscosio 1646162486406594565	2023/04/12
Myinfosecfeed	https://ift.tt/GTDIPb5	Source Myinfosecfeed 1646164201986043904	2023/04/12
CybrXx0	https://ift.tt/ezqY8Xh	Source CybrXx0 1646166829205733378	2023/04/13
oss_security	https://artifex.com/news/critical-security-vulnerability-fi...	Source oss_security 1646199649617981440	2023/04/13
oss_security	http://dlvr.it/SmNSCj	Source oss_security 1646199649617981440	2023/04/13
Har_sia	https://har-sia.info/CVE-2023-28879.html	Source Har_sia 1646218269517570048	2023/04/13
threatintelctr	https://nvd.nist.gov/vuln/detail/CVE-2023-28879	Source threatintelctr 1646263654310989824	2023/04/13
axcheron	https://offsec.almond.consulting/ghostscript-cve-2023-28879...	Source axcheron 1646273504474529796	2023/04/13
FAMASoon	https://offsec.almond.consulting/ghostscript-cve-2023-28879...	Source FAMASoon 1646315955776274432	2023/04/13
ipssignatures	https://twitter.com/momika233/status/1646103786874888192	Source ipssignatures 1646394283950309377	2023/04/13
robnavrey	https://offsec.almond.consulting/ghostscript-cve-2023-28879...	Source robnavrey 1646402170084896768	2023/04/13
IT_news_for_all	https://offsec.almond.consulting/ghostscript-cve-2023-28879...	Source IT_news_for_all 1646427586149466112	2023/04/13
IT_news_for_all	https://t.me/s/it_news_for_all/71583	Source IT_news_for_all 1646427586149466112	2023/04/13
almond_consult	https://offsec.almond.consulting/ghostscript-cve-2023-28879...	Source almond_consult 1646529503672569859	2023/04/14
almond_consult	https://twitter.com/AlmondOffSec/status/1645785869432004611	Source almond_consult 1646529503672569859	2023/04/14
InfosecMonk	https://offsec.almond.consulting/ghostscript-cve-2023-28879...	Source InfosecMonk 1646709297215336448	2023/04/14
ant0inet	https://offsec.almond.consulting/ghostscript-cve-2023-28879...	Source ant0inet 1646731363184173057	2023/04/14
abclinuxu	http://www.abclinuxu.cz/zpravicky/kriticka-bezpecnostni-chy...	Source abclinuxu 1646756423114670080	2023/04/14
Dinosn	https://www.reddit.com/r/netsec/comments/12ik78x/shell_in_t...	Source Dinosn 1646844120277692416	2023/04/14
threatintelctr	https://nvd.nist.gov/vuln/detail/CVE-2023-28879	Source threatintelctr 1647094125978689538	2023/04/15
threatintelctr	https://nvd.nist.gov/vuln/detail/CVE-2023-28879	Source threatintelctr 1647146976759390209	2023/04/15
infination	https://offsec.almond.consulting/ghostscript-cve-2023-28879...	Source infination 1648095223807877125	2023/04/18

List of frequently cited URLs

URL	Num of Times Referred to
offsec.almond.consulting	24
twitter.com	5

▼ Show Information from Twitter(74)

User	URL	Info Source
CVEreport	cve.report	Show Tweet
threatintelctr	nvd.nist.gov	Show Tweet
CVEnew	cve.mitre.org	Show Tweet
WolfgangSesin	sesin.at	Show Tweet
WolfgangSesin	sesin.at	Show Tweet
www_sesin_at	sesin.at	Show Tweet
www_sesin_at	sesin.at	Show Tweet
WolfgangSesin	sesin.at	Show Tweet
WolfgangSesin	sesin.at	Show Tweet
www_sesin_at	sesin.at	Show Tweet
www_sesin_at	sesin.at	Show Tweet
VulmonFeeds	vulmon.com	Show Tweet
vulnonym		Show Tweet
sidfm_jp	sid.softek.jp	Show Tweet
threatintelctr	nvd.nist.gov	Show Tweet
threatintelctr	nvd.nist.gov	Show Tweet
threatintelctr	nvd.nist.gov	Show Tweet
WolfgangSesin	sesin.at	Show Tweet
WolfgangSesin	sesin.at	Show Tweet
www_sesin_at	sesin.at	Show Tweet
www_sesin_at	sesin.at	Show Tweet
AlmondOffSec	offsec.almond.consulting	Show Tweet
AlmondOffSec	twitter.com	Show Tweet
ipssignatures	twitter.com	Show Tweet
ipssignatures	twitter.com	Show Tweet
Dinosn	offsec.almond.consulting	Show Tweet
Tinolle	offsec.almond.consulting	Show Tweet
betterhn20	offsec.almond.consulting	Show Tweet
betterhn20	news.ycombinator.com	Show Tweet
top3cve	twitter.com	Show Tweet
top3cve	twitter.com	Show Tweet
top3cve	twitter.com	Show Tweet
ksg93rd	offsec.almond.consulting	Show Tweet
threatintelctr	nvd.nist.gov	Show Tweet
ipssignatures	twitter.com	Show Tweet
ipssignatures	twitter.com	Show Tweet
cyber_advising	offsec.almond.consulting	Show Tweet
cyber_advising	twitter.com	Show Tweet
VessOnSecurity	offsec.almond.consulting	Show Tweet
PentestingN	offsec.almond.consulting	Show Tweet
jedisct1	offsec.almond.consulting	Show Tweet
momika233	offsec.almond.consulting	Show Tweet
ipssignatures	twitter.com	Show Tweet
autumn_good_35	offsec.almond.consulting	Show Tweet
autumn_good_35	twitter.com	Show Tweet
IT_news_for_all	offsec.almond.consulting	Show Tweet
IT_news_for_all	t.me	Show Tweet
IT_news_for_all	offsec.almond.consulting	Show Tweet
IT_news_for_all	t.me	Show Tweet
IT_news_for_all	offsec.almond.consulting	Show Tweet
IT_news_for_all	t.me	Show Tweet
_r_netsec	offsec.almond.consulting	Show Tweet
luiscosio	offsec.almond.consulting	Show Tweet
Myinfosecfeed	ift.tt	Show Tweet
CybrXx0	ift.tt	Show Tweet
oss_security	artifex.com	Show Tweet
oss_security	dlvr.it	Show Tweet
Har_sia	har-sia.info	Show Tweet
threatintelctr	nvd.nist.gov	Show Tweet
axcheron	offsec.almond.consulting	Show Tweet
FAMASoon	offsec.almond.consulting	Show Tweet
ipssignatures	twitter.com	Show Tweet
robnavrey	offsec.almond.consulting	Show Tweet
IT_news_for_all	offsec.almond.consulting	Show Tweet
IT_news_for_all	t.me	Show Tweet
almond_consult	offsec.almond.consulting	Show Tweet
almond_consult	twitter.com	Show Tweet
InfosecMonk	offsec.almond.consulting	Show Tweet
ant0inet	offsec.almond.consulting	Show Tweet
abclinuxu	abclinuxu.cz	Show Tweet
Dinosn	reddit.com	Show Tweet
threatintelctr	nvd.nist.gov	Show Tweet
threatintelctr	nvd.nist.gov	Show Tweet
infination	offsec.almond.consulting	Show Tweet

GitHub Search Results: Up to 10

Name	URL
No Data

GitHub Search Results: Up to 10

Name	URL
No Data

2023/04/18 Score : 0
Added Har-sia Database : 2023/04/01
Last Modified : 2023/04/18
Highest Scored Date : 2023/04/12
Highest Score : 30