Ghostscript -dSAFER Sandbox Bypass Vulnerability (CVE-2019-10216) Threat Alert
August 30, 2019
Overview
Recently, Ghostscript announced the discovery of the -dSAFER sandbox bypass vulnerability (CVE-2019-10216). The .buildfont1 procedure in Ghostscript does not properly restrict privileged calls, which allows attackers to escalate privileges and access files beyond the restricted domain. (more…)
