Red Hat Bugzilla – Bug 91143
CAN-2003-0354 ghostscript -dSAFER execution vulnerability
Last modified: 2007-11-30 17:06:53 EST
A bug in ghostscript allows a malicious postscript file to
execute arbitrary commands when viewed even when using the -dSAFER flag.
However, the -dPARANOIDSAFER flag, used by printing etc, continues to block this
vulnerability, so the vulnerability has limited effect.
RHSA to follow
CVE applied for
An errata has been issued which should help the problem described in this bug report.
This report is therefore being closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, please follow the link below. You may reopen
this bug report if the solution does not work for you.