CVE-2020-36773

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Feb 4, 2024
Updated: Mar 4, 2024
CWE ID 787
CWE ID 416

Summary

The vulnerability with CVE ID CVE-2020-36773 affects Artifex Ghostscript before version 9.53.0. It is categorized as a CyberVulnerability and has a risk score of 67. The vulnerability is an out-of-bounds write and use-after-free issue in devices/vector/gdevtxtw.c (for txtwrite) caused by a single character code in a PDF document mapping to multiple Unicode code points. The vulnerability has a base severity of CRITICAL and a base score of 9.8 according to NVD. It does not require any privileges or user interaction, and it can be exploited over the network. The impact includes high integrity and confidentiality impacts, with a potential availability impact as well. The affected products include fwnaNy, fwnaNz, eth6wE, fwnaN0, and fwnaN1. Remediation for this vulnerability involves updating to Artifex Ghostscript version 9.53.0 or later.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2020-36773 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options