CVE-2025-27833
Published: 25 March 2025
Description
Adversaries may exploit software vulnerabilities in client applications to execute code.
Security Summary
CVE-2025-27833 is a buffer overflow vulnerability (CWE-120) discovered in Artifex Ghostscript versions before 10.05.0. The flaw occurs in the pdf/pdf_fmap.c component when processing a long TTF font name, potentially leading to memory corruption. This affects systems or applications that use vulnerable Ghostscript installations for PDF or PostScript processing.
Exploitation requires local access (AV:L) with low attack complexity (AC:L) and no privileges (PR:N), but relies on user interaction (UI:R), such as opening a malicious PDF file with Ghostscript. A successful attack can achieve high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H), earning a CVSS v3.1 base score of 7.8. Local attackers could leverage this to execute arbitrary code or cause denial of service on the affected system.
The primary advisory reference is the Ghostscript bug tracker at https://bugs.ghostscript.com/show_bug.cgi?id=708259. Mitigation involves upgrading to Ghostscript 10.05.0 or later, where the issue is addressed.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Buffer overflow in Ghostscript PDF/PostScript processing enables arbitrary code execution via malicious file, directly mapping to Exploitation for Client Execution (T1203).