|Reported by:||Owned by:|
From redhat https://access.redhat.com/security/cve/cve-2019-10216 (still shown as 'reserved' at Mitre).
It was found that the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass
-dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas.
CVSS3 base rating 7.3 (high)
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None