VULHUB ™

The ps2espi script included with gs-common creates temporary files in an insecure manner when invoking Ghostscript. A malicious local user could exploit this condition to create a symbolic link that could corrupt any local file which is writeable by the user invoking the vulnerable script.

The ps2espi script included with gs-common creates temporary files in an insecure manner when invoking Ghostscript. A malicious local user could exploit this condition to create a symbolic link that could corrupt any local file which is writeable by the user invoking the vulnerable script.