The gx_ttfReader__Read function in base/gxttfb.c in Artifex Ghostscript GhostXPS 9.22 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. https://nvd.nist.gov/vuln/detail/CVE-2017-9727