cpe:/a:artifex:ghostscript:9.21 cpe:/o:debian:debian_linux:8.0 cpe:/o:debian:debian_linux:9.0 CVE-2017-11714 2017-07-28T01:29:00.827-04:00 2019-04-17T15:43:59.520-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2019-04-17T12:12:39.997-04:00 SECTRACK 1039233 DEBIAN DSA-3986 GENTOO GLSA-201811-12 CONFIRM http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=671fd59eb657743aa86fbc1895cb15872a317caa CONFIRM https://bugs.ghostscript.com/show_bug.cgi?id=698158 psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the scanner state structure, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript document, related to an out-of-bounds read in the igc_reloc_struct_ptr function in psi/igc.c.