Ghostscript -dSAFER Sandbox

Ghostscript -dSAFER Sandbox Bypass Vulnerability (CVE-2019-10216) Threat Alert

August 30, 2019


Recently, Ghostscript announced the discovery of the -dSAFER sandbox bypass vulnerability (CVE-2019-10216). The .buildfont1 procedure in Ghostscript does not properly restrict privileged calls, which allows attackers to escalate privileges and access files beyond the restricted domain. (more…)


Subscribe to the NSFOCUS Blog