Researchers from Google Project Zero reported a vulnerbility in the Ghostscript - open-source interpreter for PostScript and PDF files. An attacker can gain access to applications and servers that work with meentioned software. There is no patch for the vulnerability, therefore, experts recommend turning off all crypters for .PS, .EPS, .PDF and .XPS by default in the policy.xml file.
Employee of the Google Division Tavis Ormandy said that the security hole exploits ways to bypass the isolated environment -dSAFER, through which cybercriminals can send a victim a file with malicious code. When a vulnerable version of Ghostscript opens such a file, the code contained in it will be executed, which will give an opportunity to take control over the management of applications and servers.
The vulnerability has already been confirmed by the developers of the interpreter - Artifex Software, and it does not have its own CVE-identifier yet.
Users of the ImageMagick, Evince and GIMP are at risk. These set of apps are included in many Linux distributions: RedHat, SUSE, Ubuntu, Fedora, FreeBSD, Debian, CentOS. Tavis Ormandi on Twitter to disable Ghostscript encoders for files with .PS, .EPS, .PDF and .XPS extensions in the policy.xml document: