The Proof-of-concept (PoC) of an exploit was posted online over the weekend about a Ghostscript vulnerability that compromises all component-based servers.
The PoC was published by Vietnamese security researcher Nguyen The Duc in GitHub and has been confirmed to work by several leading security researchers.
Ghostscript was released in 1988 and is a small library that allows applications to edit PDF documents and PostScript-based files.
Ghostscript is also used by the server, and is usually included in image conversion and file editing tools, such as the popular ImageMagick.
The PoC released by Nguyen allows an intruder to upload a malware archive SVG that is supposed to go for image processing, but runs maliciously code to the underlying operating system.
Nguyen may have been the one who publicly released PoC, but he did not discover the vulnerability.
Την ανακάλυψε ο Emil Lerner CTO και ιδρυτής της Wunderfund, ο οποίος χρησιμοποίησε το σφάλμα πέρυσι για να κερδίσει bug bounties από εταιρείες όπως τις Airbnb, dropbox and Yandex.
This is the second time the Ghostscript project has been in the news for security flaws. In August 2018, a Google security researcher made several critical discoveries vulnerable points in the Ghostscript library that Artifex (the company that develops it) failed to patch in time. However, the company released fixes two days after the vulnerabilities were made public.