PDFCreator Ghostscript vulnerability?


#1

Hello,
Would you please verify if PDFCreator 2.5.5 or the newer 3.2.2 is impacted by this vulnerability? If so, what are our options to mitigate this issue?

More Ghostscript Issues: Should we disable PS coders in policy.xml by default?
http://seclists.org/oss-sec/2018/q3/142

Ghostscript contains multiple -dSAFER sandbox bypass vulnerabilities
https://www.kb.cert.org/vuls/id/332928


#2

Hi,

All PDFCreator versions are potentially impacted by this vulnerability, since they all use Ghostscript in order to convert PostScript to PDF or other formats. While I think it is probably impossible to attack by printing to the PDFCreator printer, there is a potential threat if an attacker manages to get a malicious PostScript or PDF file onto the system and is able to call the PDFCreator.exe with the malicious file as input.
However, the code will only get executed with user permissions, so this shouldn't be a threat if you use PDFCreator in an officially supported way (e.g. running PDFCreator as a service with third-party tools isn't officially supported and might be dangerous).
The only way to currently fix this security flaw is to compile your own Ghostscript version with the released patches.
As soon as there is an official Ghostscript release which fixes this and doesn't break anything important, we will use this for future PDFCreator releases.

Best regards

Robin