DATABASE RESOURCES PRICING ABOUT US

{"id": "OPENVAS:864759", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for ghostscript FEDORA-2012-13839", "description": "Check for the Version of ghostscript", "published": "2012-10-03T00:00:00", "modified": "2017-12-29T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=864759", "reporter": "Copyright (c) 2012 Greenbone Networks GmbH", "references": ["2012-13839", "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088572.html"], "cvelist": ["CVE-2012-4405"], "lastseen": "2018-01-02T10:57:49", "viewCount": 2, "enchantments": {"score": {"value": -0.3, "vector": "NONE"}, "dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2012-127"]}, {"type": "centos", "idList": ["CESA-2012:1256"]}, {"type": "cve", "idList": ["CVE-2012-4405"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2595-1:BB2B1"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2012-4405"]}, {"type": "fedora", "idList": ["FEDORA:8A1E020AD8", "FEDORA:C506220641"]}, {"type": "gentoo", "idList": ["GLSA-201402-29", "GLSA-201412-17"]}, {"type": "nessus", "idList": ["ALA_ALAS-2012-127.NASL", "CENTOS_RHSA-2012-1256.NASL", "DEBIAN_DSA-2595.NASL", "FEDORA_2012-13839.NASL", "FEDORA_2012-13846.NASL", "GENTOO_GLSA-201402-29.NASL", "GENTOO_GLSA-201412-17.NASL", "MANDRIVA_MDVSA-2012-151.NASL", "MANDRIVA_MDVSA-2013-089.NASL", "MANDRIVA_MDVSA-2013-090.NASL", "OPENSUSE-2012-668.NASL", "OPENSUSE-2012-669.NASL", "ORACLELINUX_ELSA-2012-1256.NASL", "REDHAT-RHSA-2012-1256.NASL", "SL_20120911_GHOSTSCRIPT_ON_SL5_X.NASL", "SUSE_11_GHOSTSCRIPT-DEVEL-120912.NASL", "SUSE_GHOSTSCRIPT-FONTS-OTHER-8290.NASL", "UBUNTU_USN-1581-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120483", "OPENVAS:1361412562310121160", "OPENVAS:1361412562310121303", "OPENVAS:1361412562310123826", "OPENVAS:1361412562310831744", "OPENVAS:1361412562310841160", "OPENVAS:1361412562310864755", "OPENVAS:1361412562310864759", "OPENVAS:1361412562310870827", "OPENVAS:1361412562310881492", "OPENVAS:1361412562310881501", "OPENVAS:1361412562310892595", "OPENVAS:831744", "OPENVAS:841160", "OPENVAS:864755", "OPENVAS:870827", "OPENVAS:881492", "OPENVAS:881501", "OPENVAS:892595"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-1256"]}, {"type": "osv", "idList": ["OSV:DSA-2595-1"]}, {"type": "redhat", "idList": ["RHSA-2012:1256"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:28570", "SECURITYVULNS:VULN:12591"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2012:1289-1", "SUSE-SU-2012:1222-1"]}, {"type": "ubuntu", "idList": ["USN-1581-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2012-4405"]}]}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2012:1256"]}, {"type": "cve", "idList": ["CVE-2012-4405"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2595-1:BB2B1"]}, {"type": "fedora", "idList": ["FEDORA:C506220641"]}, {"type": "gentoo", "idList": ["GLSA-201402-29"]}, {"type": "nessus", "idList": ["FEDORA_2012-13846.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310841160", "OPENVAS:1361412562310864759", "OPENVAS:1361412562310870827"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-1256"]}, {"type": "redhat", "idList": ["RHSA-2012:1256"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:28570"]}, {"type": "ubuntu", "idList": ["USN-1581-1"]}]}, "exploitation": null, "vulnersScore": -0.3}, "pluginID": "864759", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ghostscript FEDORA-2012-13839\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ghostscript is a set of software that provides a PostScript\n interpreter, a set of C procedures (the Ghostscript library, which\n implements the graphics capabilities in the PostScript language) and\n an interpreter for Portable Document Format (PDF) files. Ghostscript\n translates PostScript code into many common, bitmapped formats, like\n those understood by your printer or screen. Ghostscript is normally\n used to display PostScript files and to print PostScript files to\n non-PostScript printers.\n\n If you need to display PostScript files or print them to\n non-PostScript printers, you should install ghostscript. If you\n install ghostscript, you also need to install the ghostscript-fonts\n package.\";\n\ntag_affected = \"ghostscript on Fedora 16\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088572.html\");\n script_id(864759);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-03 09:19:27 +0530 (Wed, 03 Oct 2012)\");\n script_cve_id(\"CVE-2012-4405\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-13839\");\n script_name(\"Fedora Update for ghostscript FEDORA-2012-13839\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of ghostscript\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~9.05~2.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks", "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1660004461, "score": 1660012044}, "_internal": {"score_hash": "252f0c024d5a77e428c6f589bf74e9f2"}}

{"nessus": [{"lastseen": "2023-01-11T14:59:32", "description": "An integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript's International Color Consortium Format library (icclib). An attacker could create a specially crafted PostScript or PDF file with embedded images that would cause Ghostscript to crash or, potentially, execute arbitrary code with the privileges of the user running Ghostscript. (CVE-2012-4405)", "cvss3": {}, "published": "2013-09-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : ghostscript (ALAS-2012-127)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:ghostscript", "p-cpe:/a:amazon:linux:ghostscript-debuginfo", "p-cpe:/a:amazon:linux:ghostscript-devel", "p-cpe:/a:amazon:linux:ghostscript-doc", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2012-127.NASL", "href": "https://www.tenable.com/plugins/nessus/69617", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-127.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69617);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2012-4405\");\n script_xref(name:\"ALAS\", value:\"2012-127\");\n script_xref(name:\"RHSA\", value:\"2012:1256\");\n\n script_name(english:\"Amazon Linux AMI : ghostscript (ALAS-2012-127)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in Ghostscript's International Color Consortium Format library\n(icclib). An attacker could create a specially crafted PostScript or\nPDF file with embedded images that would cause Ghostscript to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running Ghostscript. (CVE-2012-4405)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-127.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update ghostscript' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ghostscript-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ghostscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ghostscript-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"ghostscript-8.70-15.22.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ghostscript-debuginfo-8.70-15.22.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ghostscript-devel-8.70-15.22.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ghostscript-doc-8.70-15.22.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript / ghostscript-debuginfo / ghostscript-devel / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:50:24", "description": "From Red Hat Security Advisory 2012:1256 :\n\nUpdated ghostscript packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nGhostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript's International Color Consortium Format library (icclib). An attacker could create a specially crafted PostScript or PDF file with embedded images that would cause Ghostscript to crash or, potentially, execute arbitrary code with the privileges of the user running Ghostscript. (CVE-2012-4405)\n\nRed Hat would like to thank Marc Schonefeld for reporting this issue.\n\nUsers of Ghostscript are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 / 6 : ghostscript (ELSA-2012-1256)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:ghostscript", "p-cpe:/a:oracle:linux:ghostscript-devel", "p-cpe:/a:oracle:linux:ghostscript-doc", "p-cpe:/a:oracle:linux:ghostscript-gtk", "cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2012-1256.NASL", "href": "https://www.tenable.com/plugins/nessus/68616", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:1256 and \n# Oracle Linux Security Advisory ELSA-2012-1256 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68616);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-4405\");\n script_bugtraq_id(55494);\n script_xref(name:\"RHSA\", value:\"2012:1256\");\n\n script_name(english:\"Oracle Linux 5 / 6 : ghostscript (ELSA-2012-1256)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:1256 :\n\nUpdated ghostscript packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nGhostscript is a set of software that provides a PostScript\ninterpreter, a set of C procedures (the Ghostscript library, which\nimplements the graphics capabilities in the PostScript language) and\nan interpreter for Portable Document Format (PDF) files.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in Ghostscript's International Color Consortium Format library\n(icclib). An attacker could create a specially crafted PostScript or\nPDF file with embedded images that would cause Ghostscript to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running Ghostscript. (CVE-2012-4405)\n\nRed Hat would like to thank Marc Schonefeld for reporting this issue.\n\nUsers of Ghostscript are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-September/003017.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-September/003019.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ghostscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ghostscript-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ghostscript-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/09/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"ghostscript-8.70-14.el5_8.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ghostscript-devel-8.70-14.el5_8.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ghostscript-gtk-8.70-14.el5_8.1\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"ghostscript-8.70-14.el6_3.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ghostscript-devel-8.70-14.el6_3.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ghostscript-doc-8.70-14.el6_3.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ghostscript-gtk-8.70-14.el6_3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript / ghostscript-devel / ghostscript-doc / ghostscript-gtk\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:29:58", "description": "Updated ghostscript packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nGhostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript's International Color Consortium Format library (icclib). An attacker could create a specially crafted PostScript or PDF file with embedded images that would cause Ghostscript to crash or, potentially, execute arbitrary code with the privileges of the user running Ghostscript. (CVE-2012-4405)\n\nRed Hat would like to thank Marc Schonefeld for reporting this issue.\n\nUsers of Ghostscript are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.", "cvss3": {}, "published": "2012-09-12T00:00:00", "type": "nessus", "title": "CentOS 5 / 6 : ghostscript (CESA-2012:1256)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:ghostscript", "p-cpe:/a:centos:centos:ghostscript-devel", "p-cpe:/a:centos:centos:ghostscript-doc", "p-cpe:/a:centos:centos:ghostscript-gtk", "cpe:/o:centos:centos:5", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2012-1256.NASL", "href": "https://www.tenable.com/plugins/nessus/62048", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1256 and \n# CentOS Errata and Security Advisory 2012:1256 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62048);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-4405\");\n script_bugtraq_id(55494);\n script_xref(name:\"RHSA\", value:\"2012:1256\");\n\n script_name(english:\"CentOS 5 / 6 : ghostscript (CESA-2012:1256)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated ghostscript packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nGhostscript is a set of software that provides a PostScript\ninterpreter, a set of C procedures (the Ghostscript library, which\nimplements the graphics capabilities in the PostScript language) and\nan interpreter for Portable Document Format (PDF) files.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in Ghostscript's International Color Consortium Format library\n(icclib). An attacker could create a specially crafted PostScript or\nPDF file with embedded images that would cause Ghostscript to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running Ghostscript. (CVE-2012-4405)\n\nRed Hat would like to thank Marc Schonefeld for reporting this issue.\n\nUsers of Ghostscript are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-September/018862.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a3b3a5fe\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-September/018864.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f6816cc4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-4405\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ghostscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ghostscript-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ghostscript-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/09/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x / 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"ghostscript-8.70-14.el5_8.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ghostscript-devel-8.70-14.el5_8.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ghostscript-gtk-8.70-14.el5_8.1\")) flag++;\n\nif (rpm_check(release:\"CentOS-6\", reference:\"ghostscript-8.70-14.el6_3.1\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"ghostscript-devel-8.70-14.el6_3.1\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"ghostscript-doc-8.70-14.el6_3.1\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"ghostscript-gtk-8.70-14.el6_3.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript / ghostscript-devel / ghostscript-doc / ghostscript-gtk\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:29:58", "description": "This update removes some bundled libraries, notably icclib. This avoids security issue CVE-2012-4405.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-09-29T00:00:00", "type": "nessus", "title": "Fedora 17 : ghostscript-9.05-4.fc17 (2012-13846)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:ghostscript", "cpe:/o:fedoraproject:fedora:17"], "id": "FEDORA_2012-13846.NASL", "href": "https://www.tenable.com/plugins/nessus/62378", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-13846.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62378);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-4405\");\n script_bugtraq_id(55494);\n script_xref(name:\"FEDORA\", value:\"2012-13846\");\n\n script_name(english:\"Fedora 17 : ghostscript-9.05-4.fc17 (2012-13846)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update removes some bundled libraries, notably icclib. This\navoids security issue CVE-2012-4405.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=854227\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-September/088564.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1b3f2252\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"ghostscript-9.05-4.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:30:07", "description": "Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript's International Color Consortium Format library (icclib). An attacker could create a specially crafted PostScript or PDF file with embedded images that would cause Ghostscript to crash or, potentially, execute arbitrary code with the privileges of the user running Ghostscript. (CVE-2012-4405)\n\nUsers of Ghostscript are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.", "cvss3": {}, "published": "2012-09-12T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : ghostscript on SL5.x, SL6.x i386/x86_64 (20120911)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:ghostscript", "p-cpe:/a:fermilab:scientific_linux:ghostscript-devel", "p-cpe:/a:fermilab:scientific_linux:ghostscript-doc", "p-cpe:/a:fermilab:scientific_linux:ghostscript-gtk", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120911_GHOSTSCRIPT_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/62057", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62057);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-4405\");\n\n script_name(english:\"Scientific Linux Security Update : ghostscript on SL5.x, SL6.x i386/x86_64 (20120911)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ghostscript is a set of software that provides a PostScript\ninterpreter, a set of C procedures (the Ghostscript library, which\nimplements the graphics capabilities in the PostScript language) and\nan interpreter for Portable Document Format (PDF) files.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in Ghostscript's International Color Consortium Format library\n(icclib). An attacker could create a specially crafted PostScript or\nPDF file with embedded images that would cause Ghostscript to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running Ghostscript. (CVE-2012-4405)\n\nUsers of Ghostscript are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1209&L=scientific-linux-errata&T=0&P=1237\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?97eaf61f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ghostscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ghostscript-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ghostscript-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/09/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"ghostscript-8.70-14.el5_8.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ghostscript-devel-8.70-14.el5_8.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ghostscript-gtk-8.70-14.el5_8.1\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"ghostscript-8.70-14.el6_3.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ghostscript-devel-8.70-14.el6_3.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ghostscript-doc-8.70-14.el6_3.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ghostscript-gtk-8.70-14.el6_3.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript / ghostscript-devel / ghostscript-doc / ghostscript-gtk\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:29:59", "description": "Updated ghostscript packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nGhostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript's International Color Consortium Format library (icclib). An attacker could create a specially crafted PostScript or PDF file with embedded images that would cause Ghostscript to crash or, potentially, execute arbitrary code with the privileges of the user running Ghostscript. (CVE-2012-4405)\n\nRed Hat would like to thank Marc Schonefeld for reporting this issue.\n\nUsers of Ghostscript are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.", "cvss3": {}, "published": "2012-09-12T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 : ghostscript (RHSA-2012:1256)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:ghostscript", "p-cpe:/a:redhat:enterprise_linux:ghostscript-debuginfo", "p-cpe:/a:redhat:enterprise_linux:ghostscript-devel", "p-cpe:/a:redhat:enterprise_linux:ghostscript-doc", "p-cpe:/a:redhat:enterprise_linux:ghostscript-gtk", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.3"], "id": "REDHAT-RHSA-2012-1256.NASL", "href": "https://www.tenable.com/plugins/nessus/62056", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1256. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62056);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-4405\");\n script_bugtraq_id(55494);\n script_xref(name:\"RHSA\", value:\"2012:1256\");\n\n script_name(english:\"RHEL 5 / 6 : ghostscript (RHSA-2012:1256)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated ghostscript packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nGhostscript is a set of software that provides a PostScript\ninterpreter, a set of C procedures (the Ghostscript library, which\nimplements the graphics capabilities in the PostScript language) and\nan interpreter for Portable Document Format (PDF) files.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in Ghostscript's International Color Consortium Format library\n(icclib). An attacker could create a specially crafted PostScript or\nPDF file with embedded images that would cause Ghostscript to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running Ghostscript. (CVE-2012-4405)\n\nRed Hat would like to thank Marc Schonefeld for reporting this issue.\n\nUsers of Ghostscript are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:1256\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4405\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ghostscript-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ghostscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ghostscript-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ghostscript-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/09/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:1256\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"ghostscript-8.70-14.el5_8.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"ghostscript-debuginfo-8.70-14.el5_8.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"ghostscript-devel-8.70-14.el5_8.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ghostscript-gtk-8.70-14.el5_8.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ghostscript-gtk-8.70-14.el5_8.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ghostscript-gtk-8.70-14.el5_8.1\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", reference:\"ghostscript-8.70-14.el6_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"ghostscript-debuginfo-8.70-14.el6_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"ghostscript-devel-8.70-14.el6_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"ghostscript-doc-8.70-14.el6_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"ghostscript-doc-8.70-14.el6_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ghostscript-doc-8.70-14.el6_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"ghostscript-gtk-8.70-14.el6_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"ghostscript-gtk-8.70-14.el6_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ghostscript-gtk-8.70-14.el6_3.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript / ghostscript-debuginfo / ghostscript-devel / etc\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:31:37", "description": "A security issue was identified and fixed in ghostscript :\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript's International Color Consortium Format library (icclib). An attacker could create a specially crafted PostScript or PDF file with embedded images that would cause Ghostscript to crash or, potentially, execute arbitrary code with the privileges of the user running Ghostscript (CVE-2012-4405).\n\nThe updated packages have been patched to correct this issue.", "cvss3": {}, "published": "2012-10-06T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : ghostscript (MDVSA-2012:151-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:ghostscript", "p-cpe:/a:mandriva:linux:ghostscript-X", "p-cpe:/a:mandriva:linux:ghostscript-common", "p-cpe:/a:mandriva:linux:ghostscript-doc", "p-cpe:/a:mandriva:linux:ghostscript-dvipdf", "p-cpe:/a:mandriva:linux:ghostscript-module-X", "p-cpe:/a:mandriva:linux:lib64gs-devel", "p-cpe:/a:mandriva:linux:lib64gs9", "p-cpe:/a:mandriva:linux:lib64ijs-devel", "p-cpe:/a:mandriva:linux:lib64ijs1", "p-cpe:/a:mandriva:linux:libgs-devel", "p-cpe:/a:mandriva:linux:libgs9", "p-cpe:/a:mandriva:linux:libijs-devel", "p-cpe:/a:mandriva:linux:libijs1", "cpe:/o:mandriva:linux:2011"], "id": "MANDRIVA_MDVSA-2012-151.NASL", "href": "https://www.tenable.com/plugins/nessus/62445", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2012:151. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62445);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-4405\");\n script_bugtraq_id(55494);\n script_xref(name:\"MDVSA\", value:\"2012:151-1\");\n\n script_name(english:\"Mandriva Linux Security Advisory : ghostscript (MDVSA-2012:151-1)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A security issue was identified and fixed in ghostscript :\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in Ghostscript's International Color Consortium Format library\n(icclib). An attacker could create a specially crafted PostScript or\nPDF file with embedded images that would cause Ghostscript to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running Ghostscript (CVE-2012-4405).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ghostscript-X\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ghostscript-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ghostscript-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ghostscript-dvipdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ghostscript-module-X\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64gs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64gs9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ijs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ijs1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libgs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libgs9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libijs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libijs1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2011\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2011\", reference:\"ghostscript-9.02-1.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"ghostscript-X-9.02-1.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"ghostscript-common-9.02-1.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"ghostscript-doc-9.02-1.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"ghostscript-dvipdf-9.02-1.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"ghostscript-module-X-9.02-1.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64gs-devel-9.02-1.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64gs9-9.02-1.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64ijs-devel-0.35-76.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64ijs1-0.35-76.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libgs-devel-9.02-1.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libgs9-9.02-1.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libijs-devel-0.35-76.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libijs1-0.35-76.1-mdv2011.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:33:33", "description": "Marc Schoenefeld discovered that an integer overflow in the ICC parsing code of Ghostscript can lead to the execution of arbitrary code.", "cvss3": {}, "published": "2012-12-31T00:00:00", "type": "nessus", "title": "Debian DSA-2595-1 : ghostscript - integer overflow", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:ghostscript", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2595.NASL", "href": "https://www.tenable.com/plugins/nessus/63358", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2595. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63358);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-4405\");\n script_bugtraq_id(55494);\n script_xref(name:\"DSA\", value:\"2595\");\n\n script_name(english:\"Debian DSA-2595-1 : ghostscript - integer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Marc Schoenefeld discovered that an integer overflow in the ICC\nparsing code of Ghostscript can lead to the execution of arbitrary\ncode.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/ghostscript\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2012/dsa-2595\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the ghostscript packages.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 8.71~dfsg2-9+squeeze1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/12/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"ghostscript\", reference:\"8.71~dfsg2-9+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ghostscript-cups\", reference:\"8.71~dfsg2-9+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ghostscript-doc\", reference:\"8.71~dfsg2-9+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ghostscript-x\", reference:\"8.71~dfsg2-9+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"gs-common\", reference:\"8.71~dfsg2-9+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"gs-esp\", reference:\"8.71~dfsg2-9+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"gs-gpl\", reference:\"8.71~dfsg2-9+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libgs-dev\", reference:\"8.71~dfsg2-9+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libgs8\", reference:\"8.71~dfsg2-9+squeeze1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:31:13", "description": "This update removes some bundled libraries, notably icclib. This avoids security issue CVE-2012-4405.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-09-29T00:00:00", "type": "nessus", "title": "Fedora 16 : ghostscript-9.05-2.fc16 (2012-13839)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:ghostscript", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2012-13839.NASL", "href": "https://www.tenable.com/plugins/nessus/62377", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-13839.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62377);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-4405\");\n script_bugtraq_id(55494);\n script_xref(name:\"FEDORA\", value:\"2012-13839\");\n\n script_name(english:\"Fedora 16 : ghostscript-9.05-2.fc16 (2012-13839)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update removes some bundled libraries, notably icclib. This\navoids security issue CVE-2012-4405.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=854227\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-September/088572.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c553d20b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"ghostscript-9.05-2.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:31:18", "description": "Marc Schonefeld discovered that Ghostscript did not correctly handle certain image files. If a user or automated system were tricked into opening a specially crafted file, an attacker could cause a denial of service and possibly execute arbitrary code with user privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-09-25T00:00:00", "type": "nessus", "title": "Ubuntu 8.04 LTS / 10.04 LTS : ghostscript vulnerability (USN-1581-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libgs8", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts"], "id": "UBUNTU_USN-1581-1.NASL", "href": "https://www.tenable.com/plugins/nessus/62290", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1581-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62290);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-4405\");\n script_bugtraq_id(55494);\n script_xref(name:\"USN\", value:\"1581-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 10.04 LTS : ghostscript vulnerability (USN-1581-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Marc Schonefeld discovered that Ghostscript did not correctly handle\ncertain image files. If a user or automated system were tricked into\nopening a specially crafted file, an attacker could cause a denial of\nservice and possibly execute arbitrary code with user privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1581-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libgs8 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libgs8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/09/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(8\\.04|10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libgs8\", pkgver:\"8.61.dfsg.1-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libgs8\", pkgver:\"8.71.dfsg.1-0ubuntu5.5\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgs8\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:37:20", "description": "This update fixes an array index error leading to a heap-based buffer overflow in ghostscript-library. CVE-2012-4405 has been assigned to this issue.", "cvss3": {}, "published": "2013-01-25T00:00:00", "type": "nessus", "title": "SuSE 11.2 Security Update : ghostscript (SAT Patch Number 6813)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:ghostscript-fonts-other", "p-cpe:/a:novell:suse_linux:11:ghostscript-fonts-rus", "p-cpe:/a:novell:suse_linux:11:ghostscript-fonts-std", "p-cpe:/a:novell:suse_linux:11:ghostscript-library", "p-cpe:/a:novell:suse_linux:11:ghostscript-omni", "p-cpe:/a:novell:suse_linux:11:ghostscript-x11", "p-cpe:/a:novell:suse_linux:11:libgimpprint", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_GHOSTSCRIPT-DEVEL-120912.NASL", "href": "https://www.tenable.com/plugins/nessus/64146", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64146);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-4405\");\n\n script_name(english:\"SuSE 11.2 Security Update : ghostscript (SAT Patch Number 6813)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes an array index error leading to a heap-based buffer\noverflow in ghostscript-library. CVE-2012-4405 has been assigned to\nthis issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=779700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-4405.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 6813.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ghostscript-fonts-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ghostscript-fonts-rus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ghostscript-fonts-std\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ghostscript-library\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ghostscript-omni\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ghostscript-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libgimpprint\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, \"SuSE 11.2\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"ghostscript-fonts-other-8.62-32.34.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"ghostscript-fonts-rus-8.62-32.34.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"ghostscript-fonts-std-8.62-32.34.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"ghostscript-library-8.62-32.34.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"ghostscript-omni-8.62-32.34.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"ghostscript-x11-8.62-32.34.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"libgimpprint-4.2.7-32.34.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"ghostscript-fonts-other-8.62-32.34.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"ghostscript-fonts-rus-8.62-32.34.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"ghostscript-fonts-std-8.62-32.34.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"ghostscript-library-8.62-32.34.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"ghostscript-omni-8.62-32.34.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"ghostscript-x11-8.62-32.34.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"libgimpprint-4.2.7-32.34.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"ghostscript-fonts-other-8.62-32.34.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"ghostscript-fonts-rus-8.62-32.34.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"ghostscript-fonts-std-8.62-32.34.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"ghostscript-library-8.62-32.34.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"ghostscript-omni-8.62-32.34.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"ghostscript-x11-8.62-32.34.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"libgimpprint-4.2.7-32.34.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:45:45", "description": "A security issue was identified and fixed in icclib :\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript's International Color Consortium Format library (icclib). An attacker could create a specially crafted PostScript or PDF file with embedded images that would cause Ghostscript to crash or, potentially, execute arbitrary code with the privileges of the user running Ghostscript (CVE-2012-4405).\n\nThe updated packages have been patched to correct this issue.", "cvss3": {}, "published": "2013-04-20T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : icclib (MDVSA-2013:089)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:icclib", "p-cpe:/a:mandriva:linux:lib64icc-devel", "p-cpe:/a:mandriva:linux:lib64icc2", "cpe:/o:mandriva:business_server:1"], "id": "MANDRIVA_MDVSA-2013-089.NASL", "href": "https://www.tenable.com/plugins/nessus/66101", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:089. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(66101);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-4405\");\n script_bugtraq_id(55494);\n script_xref(name:\"MDVSA\", value:\"2013:089\");\n script_xref(name:\"MGASA\", value:\"2012-0301\");\n\n script_name(english:\"Mandriva Linux Security Advisory : icclib (MDVSA-2013:089)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A security issue was identified and fixed in icclib :\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in Ghostscript's International Color Consortium Format library\n(icclib). An attacker could create a specially crafted PostScript or\nPDF file with embedded images that would cause Ghostscript to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running Ghostscript (CVE-2012-4405).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected icclib, lib64icc-devel and / or lib64icc2\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:icclib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64icc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64icc2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"icclib-2.13-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64icc-devel-2.13-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64icc2-2.13-2.1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:45:57", "description": "A security issue was identified and fixed in argyllcms :\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript's International Color Consortium Format library (icclib). An attacker could create a specially crafted PostScript or PDF file with embedded images that would cause Ghostscript to crash or, potentially, execute arbitrary code with the privileges of the user running Ghostscript (CVE-2012-4405).\n\nThe updated packages have been patched to correct this issue.", "cvss3": {}, "published": "2013-04-20T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : argyllcms (MDVSA-2013:090)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:argyllcms", "cpe:/o:mandriva:business_server:1"], "id": "MANDRIVA_MDVSA-2013-090.NASL", "href": "https://www.tenable.com/plugins/nessus/66102", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:090. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(66102);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-4405\");\n script_bugtraq_id(55494);\n script_xref(name:\"MDVSA\", value:\"2013:090\");\n script_xref(name:\"MGASA\", value:\"2012-0301\");\n\n script_name(english:\"Mandriva Linux Security Advisory : argyllcms (MDVSA-2013:090)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Mandriva Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A security issue was identified and fixed in argyllcms :\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in Ghostscript's International Color Consortium Format library\n(icclib). An attacker could create a specially crafted PostScript or\nPDF file with embedded images that would cause Ghostscript to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running Ghostscript (CVE-2012-4405).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected argyllcms package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:argyllcms\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"argyllcms-1.4.0-2.1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:30:07", "description": "This update fixes an array index error leading to a heap-based buffer overflow in ghostscript-library. CVE-2012-4405 has been assigned to this issue.", "cvss3": {}, "published": "2012-09-20T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : ghostscript (ZYPP Patch Number 8290)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_GHOSTSCRIPT-FONTS-OTHER-8290.NASL", "href": "https://www.tenable.com/plugins/nessus/62210", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62210);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-4405\");\n\n script_name(english:\"SuSE 10 Security Update : ghostscript (ZYPP Patch Number 8290)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes an array index error leading to a heap-based buffer\noverflow in ghostscript-library. CVE-2012-4405 has been assigned to\nthis issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-4405.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 8290.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"ghostscript-fonts-other-8.15.4-16.28.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"ghostscript-fonts-std-8.15.4-16.28.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"ghostscript-library-8.15.4-16.28.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"ghostscript-x11-8.15.4-16.28.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"libgimpprint-4.2.7-62.28.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"ghostscript-fonts-other-8.15.4-16.28.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"ghostscript-fonts-rus-8.15.4-16.28.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"ghostscript-fonts-std-8.15.4-16.28.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"ghostscript-library-8.15.4-16.28.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"ghostscript-omni-8.15.4-16.28.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"ghostscript-x11-8.15.4-16.28.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"libgimpprint-4.2.7-62.28.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"libgimpprint-devel-4.2.7-62.28.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-18T14:32:47", "description": "The following security issue was fixed in ghostscript :\n\nMultiple integer underflows in the icmLut_allocate function in International Color Consortium (ICC) Format library (icclib), as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) PostScript or (2) PDF file with embedded images, which triggers a heap-based buffer overflow. NOTE:\nthis issue is also described as an array index error.", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : ghostscript (openSUSE-SU-2012:1289-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:ghostscript-devel", "p-cpe:/a:novell:opensuse:ghostscript-fonts-other", "p-cpe:/a:novell:opensuse:ghostscript-fonts-rus", "p-cpe:/a:novell:opensuse:ghostscript-fonts-std", "p-cpe:/a:novell:opensuse:ghostscript-ijs-devel", "p-cpe:/a:novell:opensuse:ghostscript-library", "p-cpe:/a:novell:opensuse:ghostscript-library-debuginfo", "p-cpe:/a:novell:opensuse:ghostscript-library-debugsource", "p-cpe:/a:novell:opensuse:ghostscript-x11", "p-cpe:/a:novell:opensuse:ghostscript-x11-debuginfo", "p-cpe:/a:novell:opensuse:libgimpprint", "p-cpe:/a:novell:opensuse:libgimpprint-debuginfo", "p-cpe:/a:novell:opensuse:libgimpprint-devel", "cpe:/o:novell:opensuse:11.4"], "id": "OPENSUSE-2012-668.NASL", "href": "https://www.tenable.com/plugins/nessus/74770", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2012-668.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74770);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-4405\");\n\n script_name(english:\"openSUSE Security Update : ghostscript (openSUSE-SU-2012:1289-1)\");\n script_summary(english:\"Check for the openSUSE-2012-668 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The following security issue was fixed in ghostscript :\n\nMultiple integer underflows in the icmLut_allocate function in\nInternational Color Consortium (ICC) Format library (icclib), as used\nin Ghostscript 9.06 and Argyll Color Management System, allow remote\nattackers to cause a denial of service (crash) and possibly execute\narbitrary code via a crafted (1) PostScript or (2) PDF file with\nembedded images, which triggers a heap-based buffer overflow. NOTE:\nthis issue is also described as an array index error.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=779700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2012-10/msg00014.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-fonts-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-fonts-rus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-fonts-std\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-ijs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-library\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-library-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-library-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-x11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimpprint\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimpprint-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimpprint-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ghostscript-devel-9.00-4.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ghostscript-fonts-other-9.00-4.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ghostscript-fonts-rus-9.00-4.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ghostscript-fonts-std-9.00-4.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ghostscript-ijs-devel-9.00-4.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ghostscript-library-9.00-4.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ghostscript-library-debuginfo-9.00-4.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ghostscript-library-debugsource-9.00-4.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ghostscript-x11-9.00-4.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ghostscript-x11-debuginfo-9.00-4.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libgimpprint-4.2.7-334.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libgimpprint-debuginfo-4.2.7-334.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libgimpprint-devel-4.2.7-334.48.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-18T14:32:54", "description": "The following security issue was fixed in ghostscript :\n\nMultiple integer underflows in the icmLut_allocate function in International Color Consortium (ICC) Format library (icclib), as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) PostScript or (2) PDF file with embedded images, which triggers a heap-based buffer overflow. NOTE:\nthis issue is also described as an array index error.", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : ghostscript-library (openSUSE-SU-2012:1290-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:ghostscript-devel", "p-cpe:/a:novell:opensuse:ghostscript-fonts-other", "p-cpe:/a:novell:opensuse:ghostscript-fonts-rus", "p-cpe:/a:novell:opensuse:ghostscript-fonts-std", "p-cpe:/a:novell:opensuse:ghostscript-ijs-devel", "p-cpe:/a:novell:opensuse:ghostscript-library", "p-cpe:/a:novell:opensuse:ghostscript-library-debuginfo", "p-cpe:/a:novell:opensuse:ghostscript-library-debugsource", "p-cpe:/a:novell:opensuse:ghostscript-mini", "p-cpe:/a:novell:opensuse:ghostscript-mini-debuginfo", "p-cpe:/a:novell:opensuse:ghostscript-mini-debugsource", "p-cpe:/a:novell:opensuse:ghostscript-x11", "p-cpe:/a:novell:opensuse:ghostscript-x11-debuginfo", "p-cpe:/a:novell:opensuse:libgimpprint", "p-cpe:/a:novell:opensuse:libgimpprint-debuginfo", "p-cpe:/a:novell:opensuse:libgimpprint-devel", "cpe:/o:novell:opensuse:12.1"], "id": "OPENSUSE-2012-669.NASL", "href": "https://www.tenable.com/plugins/nessus/74771", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2012-669.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74771);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-4405\");\n\n script_name(english:\"openSUSE Security Update : ghostscript-library (openSUSE-SU-2012:1290-1)\");\n script_summary(english:\"Check for the openSUSE-2012-669 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The following security issue was fixed in ghostscript :\n\nMultiple integer underflows in the icmLut_allocate function in\nInternational Color Consortium (ICC) Format library (icclib), as used\nin Ghostscript 9.06 and Argyll Color Management System, allow remote\nattackers to cause a denial of service (crash) and possibly execute\narbitrary code via a crafted (1) PostScript or (2) PDF file with\nembedded images, which triggers a heap-based buffer overflow. NOTE:\nthis issue is also described as an array index error.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=779700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2012-10/msg00015.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript-library packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-fonts-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-fonts-rus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-fonts-std\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-ijs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-library\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-library-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-library-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-mini-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-x11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimpprint\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimpprint-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimpprint-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ghostscript-devel-9.00-13.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ghostscript-fonts-other-9.00-13.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ghostscript-fonts-rus-9.00-13.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ghostscript-fonts-std-9.00-13.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ghostscript-ijs-devel-9.00-13.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ghostscript-library-9.00-13.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ghostscript-library-debuginfo-9.00-13.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ghostscript-library-debugsource-9.00-13.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ghostscript-mini-9.00-13.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ghostscript-mini-debuginfo-9.00-13.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ghostscript-mini-debugsource-9.00-13.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ghostscript-x11-9.00-13.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ghostscript-x11-debuginfo-9.00-13.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libgimpprint-4.2.7-13.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libgimpprint-debuginfo-4.2.7-13.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libgimpprint-devel-4.2.7-13.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript-library\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-18T14:28:28", "description": "The remote host is affected by the vulnerability described in GLSA-201402-29 (ArgyllCMS: User-assisted execution of arbitrary code)\n\n Multiple integer overflow vulnerabilities have been discovered in the ICC Format Library in ArgyllCMS.\n Impact :\n\n A remote attacker could entice a user to open a specially crafted image file using ArgyllCMS, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2014-03-02T00:00:00", "type": "nessus", "title": "GLSA-201402-29 : ArgyllCMS: User-assisted execution of arbitrary code", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:argyllcms", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201402-29.NASL", "href": "https://www.tenable.com/plugins/nessus/72756", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201402-29.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(72756);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-4405\");\n script_bugtraq_id(55494);\n script_xref(name:\"GLSA\", value:\"201402-29\");\n\n script_name(english:\"GLSA-201402-29 : ArgyllCMS: User-assisted execution of arbitrary code\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201402-29\n(ArgyllCMS: User-assisted execution of arbitrary code)\n\n Multiple integer overflow vulnerabilities have been discovered in the\n ICC Format Library in ArgyllCMS.\n \nImpact :\n\n A remote attacker could entice a user to open a specially crafted image\n file using ArgyllCMS, possibly resulting in execution of arbitrary code\n with the privileges of the process or a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201402-29\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All ArgyllCMS users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-gfx/argyllcms-1.4.0-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:argyllcms\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/02/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/03/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"media-gfx/argyllcms\", unaffected:make_list(\"ge 1.4.0-r1\"), vulnerable:make_list(\"lt 1.4.0-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ArgyllCMS\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-18T14:42:13", "description": "The remote host is affected by the vulnerability described in GLSA-201412-17 (GPL Ghostscript: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in GPL Ghostscript. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A context-dependent attacker could entice a user to open a specially crafted PostScript file or PDF using GPL Ghostscript, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2014-12-15T00:00:00", "type": "nessus", "title": "GLSA-201412-17 : GPL Ghostscript: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2009-3743", "CVE-2009-4270", "CVE-2009-4897", "CVE-2010-1628", "CVE-2010-2055", "CVE-2010-4054", "CVE-2012-4405"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:ghostscript-gpl", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201412-17.NASL", "href": "https://www.tenable.com/plugins/nessus/79970", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201412-17.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79970);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-0196\", \"CVE-2009-0792\", \"CVE-2009-3743\", \"CVE-2009-4270\", \"CVE-2009-4897\", \"CVE-2010-1628\", \"CVE-2010-2055\", \"CVE-2010-4054\", \"CVE-2012-4405\");\n script_bugtraq_id(34184, 34445, 37410, 40107, 40467, 41593, 42640, 43932, 55494);\n script_xref(name:\"GLSA\", value:\"201412-17\");\n\n script_name(english:\"GLSA-201412-17 : GPL Ghostscript: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201412-17\n(GPL Ghostscript: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in GPL Ghostscript. Please\n review the CVE identifiers referenced below for details.\n \nImpact :\n\n A context-dependent attacker could entice a user to open a specially\n crafted PostScript file or PDF using GPL Ghostscript, possibly resulting\n in execution of arbitrary code with the privileges of the process or a\n Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201412-17\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All GPL Ghostscript users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=app-text/ghostscript-gpl-9.10-r2'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:ghostscript-gpl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-text/ghostscript-gpl\", unaffected:make_list(\"ge 9.10-r2\"), vulnerable:make_list(\"lt 9.10-r2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"GPL Ghostscript\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2019-05-29T18:36:25", "description": "Oracle Linux Local Security Checks ELSA-2012-1256", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-1256", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4405"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123826", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123826", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-1256.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123826\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:09:04 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-1256\");\n script_tag(name:\"insight\", value:\"ELSA-2012-1256 - ghostscript security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-1256\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-1256.html\");\n script_cve_id(\"CVE-2012-4405\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.70~14.el5_8.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ghostscript-devel\", rpm:\"ghostscript-devel~8.70~14.el5_8.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ghostscript-gtk\", rpm:\"ghostscript-gtk~8.70~14.el5_8.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.70~14.el6_3.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ghostscript-devel\", rpm:\"ghostscript-devel~8.70~14.el6_3.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ghostscript-doc\", rpm:\"ghostscript-doc~8.70~14.el6_3.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ghostscript-gtk\", rpm:\"ghostscript-gtk~8.70~14.el6_3.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-10-03T00:00:00", "type": "openvas", "title": "Fedora Update for ghostscript FEDORA-2012-13839", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4405"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864759", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864759", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ghostscript FEDORA-2012-13839\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088572.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864759\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-03 09:19:27 +0530 (Wed, 03 Oct 2012)\");\n script_cve_id(\"CVE-2012-4405\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-13839\");\n script_name(\"Fedora Update for ghostscript FEDORA-2012-13839\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ghostscript'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"ghostscript on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~9.05~2.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-12-04T11:20:25", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1581-1", "cvss3": {}, "published": "2012-09-25T00:00:00", "type": "openvas", "title": "Ubuntu Update for ghostscript USN-1581-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4405"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841160", "href": "http://plugins.openvas.org/nasl.php?oid=841160", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1581_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for ghostscript USN-1581-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Marc Sch&#195;&#182;nefeld discovered that Ghostscript did not correctly handle\n certain image files. If a user or automated system were tricked into\n opening a specially crafted file, an attacker could cause a denial of\n service and possibly execute arbitrary code with user privileges.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1581-1\";\ntag_affected = \"ghostscript on Ubuntu 10.04 LTS ,\n Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1581-1/\");\n script_id(841160);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-25 09:42:26 +0530 (Tue, 25 Sep 2012)\");\n script_cve_id(\"CVE-2012-4405\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"USN\", value: \"1581-1\");\n script_name(\"Ubuntu Update for ghostscript USN-1581-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libgs8\", ver:\"8.71.dfsg.1-0ubuntu5.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libgs8\", ver:\"8.61.dfsg.1-1ubuntu3.5\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:52", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "CentOS Update for ghostscript CESA-2012:1256 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4405"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881492", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881492", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for ghostscript CESA-2012:1256 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-September/018864.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881492\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:45:22 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2012-4405\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2012:1256\");\n script_name(\"CentOS Update for ghostscript CESA-2012:1256 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ghostscript'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"ghostscript on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Ghostscript is a set of software that provides a PostScript interpreter, a\n set of C procedures (the Ghostscript library, which implements the graphics\n capabilities in the PostScript language) and an interpreter for Portable\n Document Format (PDF) files.\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in Ghostscript's International Color Consortium Format library\n (icclib). An attacker could create a specially-crafted PostScript or PDF\n file with embedded images that would cause Ghostscript to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n Ghostscript. (CVE-2012-4405)\n\n Red Hat would like to thank Marc Sch\u00f6nefeld for reporting this issue.\n\n Users of Ghostscript are advised to upgrade to these updated packages,\n which contain a backported patch to correct this issue.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.70~14.el6_3.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-devel\", rpm:\"ghostscript-devel~8.70~14.el6_3.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-doc\", rpm:\"ghostscript-doc~8.70~14.el6_3.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-gtk\", rpm:\"ghostscript-gtk~8.70~14.el6_3.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:08", "description": "Gentoo Linux Local Security Checks GLSA 201402-29", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201402-29", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4405"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121160", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121160", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201402-29.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121160\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:26:58 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201402-29\");\n script_tag(name:\"insight\", value:\"Multiple integer overflow vulnerabilities have been discovered in the ICC Format Library in ArgyllCMS.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201402-29\");\n script_cve_id(\"CVE-2012-4405\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201402-29\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"media-gfx/argyllcms\", unaffected: make_list(\"ge 1.4.0-r1\"), vulnerable: make_list(\"lt 1.4.0-r1\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-06T13:07:01", "description": "Check for the Version of ghostscript", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "CentOS Update for ghostscript CESA-2012:1256 centos6 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4405"], "modified": "2018-01-04T00:00:00", "id": "OPENVAS:881492", "href": "http://plugins.openvas.org/nasl.php?oid=881492", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for ghostscript CESA-2012:1256 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ghostscript is a set of software that provides a PostScript interpreter, a\n set of C procedures (the Ghostscript library, which implements the graphics\n capabilities in the PostScript language) and an interpreter for Portable\n Document Format (PDF) files.\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in Ghostscript's International Color Consortium Format library\n (icclib). An attacker could create a specially-crafted PostScript or PDF\n file with embedded images that would cause Ghostscript to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n Ghostscript. (CVE-2012-4405)\n \n Red Hat would like to thank Marc Sch\u00f6nefeld for reporting this issue.\n \n Users of Ghostscript are advised to upgrade to these updated packages,\n which contain a backported patch to correct this issue.\";\n\ntag_affected = \"ghostscript on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-September/018864.html\");\n script_id(881492);\n script_version(\"$Revision: 8285 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 07:29:16 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:45:22 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2012-4405\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2012:1256\");\n script_name(\"CentOS Update for ghostscript CESA-2012:1256 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of ghostscript\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.70~14.el6_3.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-devel\", rpm:\"ghostscript-devel~8.70~14.el6_3.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-doc\", rpm:\"ghostscript-doc~8.70~14.el6_3.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-gtk\", rpm:\"ghostscript-gtk~8.70~14.el6_3.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:22", "description": "Marc Schoenefeld discovered that an integer overflow in the ICC parsing\ncode of Ghostscript can lead to the execution of arbitrary code.", "cvss3": {}, "published": "2013-09-18T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2595-1 (ghostscript - integer overflow)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4405"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310892595", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892595", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2595_1.nasl 14276 2019-03-18 14:43:56Z cfischer $\n# Auto-generated from advisory DSA 2595-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892595\");\n script_version(\"$Revision: 14276 $\");\n script_cve_id(\"CVE-2012-4405\");\n script_name(\"Debian Security Advisory DSA 2595-1 (ghostscript - integer overflow)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:43:56 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-18 11:53:02 +0200 (Wed, 18 Sep 2013)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2012/dsa-2595.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(6|7)\");\n script_tag(name:\"affected\", value:\"ghostscript on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (squeeze), this problem has been fixed in\nversion 8.71~dfsg2-9+squeeze1.\n\nFor the testing distribution (wheezy), this problem has been fixed in\nversion 9.05~dfsg-6.1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 9.05~dfsg-6.1.\n\nWe recommend that you upgrade your ghostscript packages.\");\n script_tag(name:\"summary\", value:\"Marc Schoenefeld discovered that an integer overflow in the ICC parsing\ncode of Ghostscript can lead to the execution of arbitrary code.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"ghostscript\", ver:\"8.71~dfsg2-9+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ghostscript-cups\", ver:\"8.71~dfsg2-9+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ghostscript-doc\", ver:\"8.71~dfsg2-9+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ghostscript-x\", ver:\"8.71~dfsg2-9+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"gs-common\", ver:\"8.71~dfsg2-9+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"gs-esp\", ver:\"8.71~dfsg2-9+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"gs-gpl\", ver:\"8.71~dfsg2-9+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgs-dev\", ver:\"8.71~dfsg2-9+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgs8\", ver:\"8.71~dfsg2-9+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ghostscript\", ver:\"9.05~dfsg-6.1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ghostscript-cups\", ver:\"9.05~dfsg-6.1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ghostscript-dbg\", ver:\"9.05~dfsg-6.1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ghostscript-doc\", ver:\"9.05~dfsg-6.1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ghostscript-x\", ver:\"9.05~dfsg-6.1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgs-dev\", ver:\"9.05~dfsg-6.1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgs9\", ver:\"9.05~dfsg-6.1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgs9-common\", ver:\"9.05~dfsg-6.1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:53", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "CentOS Update for ghostscript CESA-2012:1256 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4405"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881501", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881501", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for ghostscript CESA-2012:1256 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-September/018862.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881501\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:50:28 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2012-4405\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_xref(name:\"CESA\", value:\"2012:1256\");\n script_name(\"CentOS Update for ghostscript CESA-2012:1256 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ghostscript'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"ghostscript on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Ghostscript is a set of software that provides a PostScript interpreter, a\n set of C procedures (the Ghostscript library, which implements the graphics\n capabilities in the PostScript language) and an interpreter for Portable\n Document Format (PDF) files.\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in Ghostscript's International Color Consortium Format library\n (icclib). An attacker could create a specially-crafted PostScript or PDF\n file with embedded images that would cause Ghostscript to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n Ghostscript. (CVE-2012-4405)\n\n Red Hat would like to thank Marc Sch\u00f6nefeld for reporting this issue.\n\n Users of Ghostscript are advised to upgrade to these updated packages,\n which contain a backported patch to correct this issue.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.70~14.el5_8.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-devel\", rpm:\"ghostscript-devel~8.70~14.el5_8.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-gtk\", rpm:\"ghostscript-gtk~8.70~14.el5_8.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-17T23:02:35", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2012-127)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4405"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120483", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120483", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120483\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:27:31 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2012-127)\");\n script_tag(name:\"insight\", value:\"An integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript's International Color Consortium Format library (icclib). An attacker could create a specially-crafted PostScript or PDF file with embedded images that would cause Ghostscript to crash or, potentially, execute arbitrary code with the privileges of the user running Ghostscript. (CVE-2012-4405 )\");\n script_tag(name:\"solution\", value:\"Run yum update ghostscript to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2012-127.html\");\n script_cve_id(\"CVE-2012-4405\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"ghostscript-doc\", rpm:\"ghostscript-doc~8.70~15.22.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ghostscript-devel\", rpm:\"ghostscript-devel~8.70~15.22.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.70~15.22.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ghostscript-debuginfo\", rpm:\"ghostscript-debuginfo~8.70~15.22.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:08", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1581-1", "cvss3": {}, "published": "2012-09-25T00:00:00", "type": "openvas", "title": "Ubuntu Update for ghostscript USN-1581-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4405"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841160", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841160", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1581_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for ghostscript USN-1581-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1581-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841160\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-25 09:42:26 +0530 (Tue, 25 Sep 2012)\");\n script_cve_id(\"CVE-2012-4405\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"USN\", value:\"1581-1\");\n script_name(\"Ubuntu Update for ghostscript USN-1581-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.04 LTS|8\\.04 LTS)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1581-1\");\n script_tag(name:\"affected\", value:\"ghostscript on Ubuntu 10.04 LTS,\n Ubuntu 8.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Marc Schoenefeld discovered that Ghostscript did not correctly handle\n certain image files. If a user or automated system were tricked into\n opening a specially crafted file, an attacker could cause a denial of\n service and possibly execute arbitrary code with user privileges.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libgs8\", ver:\"8.71.dfsg.1-0ubuntu5.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libgs8\", ver:\"8.61.dfsg.1-1ubuntu3.5\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:39", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "RedHat Update for ghostscript RHSA-2012:1256-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4405"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870827", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870827", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for ghostscript RHSA-2012:1256-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-September/msg00013.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870827\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:41:19 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2012-4405\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"RHSA\", value:\"2012:1256-01\");\n script_name(\"RedHat Update for ghostscript RHSA-2012:1256-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ghostscript'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(6|5)\");\n script_tag(name:\"affected\", value:\"ghostscript on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Ghostscript is a set of software that provides a PostScript interpreter, a\n set of C procedures (the Ghostscript library, which implements the graphics\n capabilities in the PostScript language) and an interpreter for Portable\n Document Format (PDF) files.\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in Ghostscript's International Color Consortium Format library\n (icclib). An attacker could create a specially-crafted PostScript or PDF\n file with embedded images that would cause Ghostscript to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n Ghostscript. (CVE-2012-4405)\n\n Red Hat would like to thank Marc Schoenefeld for reporting this issue.\n\n Users of Ghostscript are advised to upgrade to these updated packages,\n which contain a backported patch to correct this issue.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.70~14.el6_3.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-debuginfo\", rpm:\"ghostscript-debuginfo~8.70~14.el6_3.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.70~14.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-debuginfo\", rpm:\"ghostscript-debuginfo~8.70~14.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-devel\", rpm:\"ghostscript-devel~8.70~14.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-gtk\", rpm:\"ghostscript-gtk~8.70~14.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-06T13:07:29", "description": "Check for the Version of ghostscript", "cvss3": {}, "published": "2012-10-03T00:00:00", "type": "openvas", "title": "Fedora Update for ghostscript FEDORA-2012-13846", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4405"], "modified": "2018-01-04T00:00:00", "id": "OPENVAS:864755", "href": "http://plugins.openvas.org/nasl.php?oid=864755", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ghostscript FEDORA-2012-13846\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ghostscript is a set of software that provides a PostScript\n interpreter, a set of C procedures (the Ghostscript library, which\n implements the graphics capabilities in the PostScript language) and\n an interpreter for Portable Document Format (PDF) files. Ghostscript\n translates PostScript code into many common, bitmapped formats, like\n those understood by your printer or screen. Ghostscript is normally\n used to display PostScript files and to print PostScript files to\n non-PostScript printers.\n\n If you need to display PostScript files or print them to\n non-PostScript printers, you should install ghostscript. If you\n install ghostscript, you also need to install the ghostscript-fonts\n package.\";\n\ntag_affected = \"ghostscript on Fedora 17\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088564.html\");\n script_id(864755);\n script_version(\"$Revision: 8285 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 07:29:16 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-03 09:18:50 +0530 (Wed, 03 Oct 2012)\");\n script_cve_id(\"CVE-2012-4405\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-13846\");\n script_name(\"Fedora Update for ghostscript FEDORA-2012-13846\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of ghostscript\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~9.05~4.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-06T13:06:24", "description": "Check for the Version of ghostscript", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "CentOS Update for ghostscript CESA-2012:1256 centos5 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4405"], "modified": "2018-01-04T00:00:00", "id": "OPENVAS:881501", "href": "http://plugins.openvas.org/nasl.php?oid=881501", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for ghostscript CESA-2012:1256 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ghostscript is a set of software that provides a PostScript interpreter, a\n set of C procedures (the Ghostscript library, which implements the graphics\n capabilities in the PostScript language) and an interpreter for Portable\n Document Format (PDF) files.\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in Ghostscript's International Color Consortium Format library\n (icclib). An attacker could create a specially-crafted PostScript or PDF\n file with embedded images that would cause Ghostscript to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n Ghostscript. (CVE-2012-4405)\n \n Red Hat would like to thank Marc Sch\u00f6nefeld for reporting this issue.\n \n Users of Ghostscript are advised to upgrade to these updated packages,\n which contain a backported patch to correct this issue.\";\n\ntag_affected = \"ghostscript on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-September/018862.html\");\n script_id(881501);\n script_version(\"$Revision: 8285 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 07:29:16 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:50:28 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2012-4405\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_xref(name: \"CESA\", value: \"2012:1256\");\n script_name(\"CentOS Update for ghostscript CESA-2012:1256 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of ghostscript\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.70~14.el5_8.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-devel\", rpm:\"ghostscript-devel~8.70~14.el5_8.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-gtk\", rpm:\"ghostscript-gtk~8.70~14.el5_8.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-11T11:06:45", "description": "Check for the Version of ghostscript", "cvss3": {}, "published": "2012-10-09T00:00:00", "type": "openvas", "title": "Mandriva Update for ghostscript MDVSA-2012:151-1 (ghostscript)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4405"], "modified": "2018-01-10T00:00:00", "id": "OPENVAS:831744", "href": "http://plugins.openvas.org/nasl.php?oid=831744", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for ghostscript MDVSA-2012:151-1 (ghostscript)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A security issue was identified and fixed in ghostscript:\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in Ghostscript&#039;s International Color Consortium Format library\n (icclib). An attacker could create a specially-crafted PostScript or\n PDF file with embedded images that would cause Ghostscript to crash\n or, potentially, execute arbitrary code with the privileges of the\n user running Ghostscript (CVE-2012-4405).\n\n The updated packages have been patched to correct this issue.\n\n Update:\n\n Packages for Mandriva Linux 2011 is being provided.\";\n\ntag_affected = \"ghostscript on Mandriva Linux 2011.0\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:151-1\");\n script_id(831744);\n script_version(\"$Revision: 8352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 08:01:57 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-09 10:02:01 +0530 (Tue, 09 Oct 2012)\");\n script_cve_id(\"CVE-2012-4405\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2012:151-1\");\n script_name(\"Mandriva Update for ghostscript MDVSA-2012:151-1 (ghostscript)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of ghostscript\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~9.02~1.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-common\", rpm:\"ghostscript-common~9.02~1.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-doc\", rpm:\"ghostscript-doc~9.02~1.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-dvipdf\", rpm:\"ghostscript-dvipdf~9.02~1.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-module-X\", rpm:\"ghostscript-module-X~9.02~1.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-X\", rpm:\"ghostscript-X~9.02~1.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgs9\", rpm:\"libgs9~9.02~1.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgs-devel\", rpm:\"libgs-devel~9.02~1.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libijs1\", rpm:\"libijs1~0.35~76.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libijs-devel\", rpm:\"libijs-devel~0.35~76.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64gs9\", rpm:\"lib64gs9~9.02~1.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64gs-devel\", rpm:\"lib64gs-devel~9.02~1.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ijs1\", rpm:\"lib64ijs1~0.35~76.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ijs-devel\", rpm:\"lib64ijs-devel~0.35~76.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-11T11:07:28", "description": "Check for the Version of ghostscript", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "RedHat Update for ghostscript RHSA-2012:1256-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4405"], "modified": "2018-01-09T00:00:00", "id": "OPENVAS:870827", "href": "http://plugins.openvas.org/nasl.php?oid=870827", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for ghostscript RHSA-2012:1256-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ghostscript is a set of software that provides a PostScript interpreter, a\n set of C procedures (the Ghostscript library, which implements the graphics\n capabilities in the PostScript language) and an interpreter for Portable\n Document Format (PDF) files.\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in Ghostscript's International Color Consortium Format library\n (icclib). An attacker could create a specially-crafted PostScript or PDF\n file with embedded images that would cause Ghostscript to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n Ghostscript. (CVE-2012-4405)\n\n Red Hat would like to thank Marc Sch\u00f6nefeld for reporting this issue.\n\n Users of Ghostscript are advised to upgrade to these updated packages,\n which contain a backported patch to correct this issue.\";\n\ntag_affected = \"ghostscript on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-September/msg00013.html\");\n script_id(870827);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:41:19 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2012-4405\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2012:1256-01\");\n script_name(\"RedHat Update for ghostscript RHSA-2012:1256-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of ghostscript\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.70~14.el6_3.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-debuginfo\", rpm:\"ghostscript-debuginfo~8.70~14.el6_3.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.70~14.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-debuginfo\", rpm:\"ghostscript-debuginfo~8.70~14.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-devel\", rpm:\"ghostscript-devel~8.70~14.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-gtk\", rpm:\"ghostscript-gtk~8.70~14.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:32", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-10-09T00:00:00", "type": "openvas", "title": "Mandriva Update for ghostscript MDVSA-2012:151-1 (ghostscript)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4405"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310831744", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831744", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for ghostscript MDVSA-2012:151-1 (ghostscript)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:151-1\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831744\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-09 10:02:01 +0530 (Tue, 09 Oct 2012)\");\n script_cve_id(\"CVE-2012-4405\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"MDVSA\", value:\"2012:151-1\");\n script_name(\"Mandriva Update for ghostscript MDVSA-2012:151-1 (ghostscript)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ghostscript'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_2011\\.0\");\n script_tag(name:\"affected\", value:\"ghostscript on Mandriva Linux 2011.0\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"A security issue was identified and fixed in ghostscript:\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in Ghostscript's International Color Consortium Format library\n (icclib). An attacker could create a specially-crafted PostScript or\n PDF file with embedded images that would cause Ghostscript to crash\n or, potentially, execute arbitrary code with the privileges of the\n user running Ghostscript (CVE-2012-4405).\n\n The updated packages have been patched to correct this issue.\n\n Update:\n\n Packages for Mandriva Linux 2011 is being provided.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~9.02~1.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-common\", rpm:\"ghostscript-common~9.02~1.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-doc\", rpm:\"ghostscript-doc~9.02~1.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-dvipdf\", rpm:\"ghostscript-dvipdf~9.02~1.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-module-X\", rpm:\"ghostscript-module-X~9.02~1.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-X\", rpm:\"ghostscript-X~9.02~1.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgs9\", rpm:\"libgs9~9.02~1.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgs-devel\", rpm:\"libgs-devel~9.02~1.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libijs1\", rpm:\"libijs1~0.35~76.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libijs-devel\", rpm:\"libijs-devel~0.35~76.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64gs9\", rpm:\"lib64gs9~9.02~1.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64gs-devel\", rpm:\"lib64gs-devel~9.02~1.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ijs1\", rpm:\"lib64ijs1~0.35~76.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ijs-devel\", rpm:\"lib64ijs-devel~0.35~76.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:54", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-10-03T00:00:00", "type": "openvas", "title": "Fedora Update for ghostscript FEDORA-2012-13846", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4405"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864755", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864755", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ghostscript FEDORA-2012-13846\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088564.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864755\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-03 09:18:50 +0530 (Wed, 03 Oct 2012)\");\n script_cve_id(\"CVE-2012-4405\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-13846\");\n script_name(\"Fedora Update for ghostscript FEDORA-2012-13846\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ghostscript'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"ghostscript on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~9.05~4.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:51:26", "description": "Marc Schoenefeld discovered that an integer overflow in the ICC parsing\ncode of Ghostscript can lead to the execution of arbitrary code.", "cvss3": {}, "published": "2013-09-18T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2595-1 (ghostscript - integer overflow)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4405"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:892595", "href": "http://plugins.openvas.org/nasl.php?oid=892595", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2595_1.nasl 6611 2017-07-07 12:07:20Z cfischer $\n# Auto-generated from advisory DSA 2595-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"ghostscript on Debian Linux\";\ntag_insight = \"Ghostscript is used for PostScript/PDF preview and printing. Usually as\na back-end to a program such as ghostview, it can display PostScript and PDF\ndocuments in an X11 environment.\";\ntag_solution = \"For the stable distribution (squeeze), this problem has been fixed in\nversion 8.71~dfsg2-9+squeeze1.\n\nFor the testing distribution (wheezy), this problem has been fixed in\nversion 9.05~dfsg-6.1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 9.05~dfsg-6.1.\n\nWe recommend that you upgrade your ghostscript packages.\";\ntag_summary = \"Marc Schoenefeld discovered that an integer overflow in the ICC parsing\ncode of Ghostscript can lead to the execution of arbitrary code.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(892595);\n script_version(\"$Revision: 6611 $\");\n script_cve_id(\"CVE-2012-4405\");\n script_name(\"Debian Security Advisory DSA 2595-1 (ghostscript - integer overflow)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-07 14:07:20 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-18 11:53:02 +0200 (Wed, 18 Sep 2013)\");\n script_tag(name: \"cvss_base\", value:\"6.8\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2012/dsa-2595.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"ghostscript\", ver:\"8.71~dfsg2-9+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript-cups\", ver:\"8.71~dfsg2-9+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript-doc\", ver:\"8.71~dfsg2-9+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript-x\", ver:\"8.71~dfsg2-9+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-common\", ver:\"8.71~dfsg2-9+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-esp\", ver:\"8.71~dfsg2-9+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-gpl\", ver:\"8.71~dfsg2-9+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgs-dev\", ver:\"8.71~dfsg2-9+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgs8\", ver:\"8.71~dfsg2-9+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript\", ver:\"9.05~dfsg-6.1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript-cups\", ver:\"9.05~dfsg-6.1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript-dbg\", ver:\"9.05~dfsg-6.1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript-doc\", ver:\"9.05~dfsg-6.1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript-x\", ver:\"9.05~dfsg-6.1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgs-dev\", ver:\"9.05~dfsg-6.1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgs9\", ver:\"9.05~dfsg-6.1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgs9-common\", ver:\"9.05~dfsg-6.1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:22", "description": "Gentoo Linux Local Security Checks GLSA 201412-17", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201412-17", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2012-4405", "CVE-2009-4270", "CVE-2010-1628", "CVE-2010-2055", "CVE-2009-0792", "CVE-2009-3743", "CVE-2009-4897", "CVE-2010-4054"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121303", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121303", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201412-17.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121303\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:28:11 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201412-17\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in GPL Ghostscript. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201412-17\");\n script_cve_id(\"CVE-2009-0196\", \"CVE-2009-0792\", \"CVE-2009-3743\", \"CVE-2009-4270\", \"CVE-2009-4897\", \"CVE-2010-1628\", \"CVE-2010-2055\", \"CVE-2010-4054\", \"CVE-2012-4405\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201412-17\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"app-text/ghostscript-gpl\", unaffected: make_list(\"ge 9.10-r2\"), vulnerable: make_list(\"lt 9.10-r2\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "amazon": [{"lastseen": "2022-11-01T21:37:49", "description": "**Issue Overview:**\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript's International Color Consortium Format library (icclib). An attacker could create a specially-crafted PostScript or PDF file with embedded images that would cause Ghostscript to crash or, potentially, execute arbitrary code with the privileges of the user running Ghostscript. (CVE-2012-4405)\n\n \n**Affected Packages:** \n\n\nghostscript\n\n \n**Issue Correction:** \nRun _yum update ghostscript_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 ghostscript-doc-8.70-15.22.amzn1.i686 \n \u00a0\u00a0\u00a0 ghostscript-devel-8.70-15.22.amzn1.i686 \n \u00a0\u00a0\u00a0 ghostscript-8.70-15.22.amzn1.i686 \n \u00a0\u00a0\u00a0 ghostscript-debuginfo-8.70-15.22.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 ghostscript-8.70-15.22.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 ghostscript-devel-8.70-15.22.amzn1.x86_64 \n \u00a0\u00a0\u00a0 ghostscript-debuginfo-8.70-15.22.amzn1.x86_64 \n \u00a0\u00a0\u00a0 ghostscript-doc-8.70-15.22.amzn1.x86_64 \n \u00a0\u00a0\u00a0 ghostscript-8.70-15.22.amzn1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2012-4405](<https://access.redhat.com/security/cve/CVE-2012-4405>)\n\nMitre: [CVE-2012-4405](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4405>)\n", "cvss3": {}, "published": "2012-09-22T21:37:00", "type": "amazon", "title": "Medium: ghostscript", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2014-09-14T17:04:00", "id": "ALAS-2012-127", "href": "https://alas.aws.amazon.com/ALAS-2012-127.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debiancve": [{"lastseen": "2022-12-14T06:02:49", "description": "Multiple integer underflows in the icmLut_allocate function in International Color Consortium (ICC) Format library (icclib), as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) PostScript or (2) PDF file with embedded images, which triggers a heap-based buffer overflow. NOTE: this issue is also described as an array index error.", "cvss3": {}, "published": "2012-09-18T17:55:00", "type": "debiancve", "title": "CVE-2012-4405", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2012-09-18T17:55:00", "id": "DEBIANCVE:CVE-2012-4405", "href": "https://security-tracker.debian.org/tracker/CVE-2012-4405", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2021-10-21T23:38:34", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2595-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nDecember 30, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : ghostscript\nVulnerability : integer overflow\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-4405\n\nMarc Schoenefeld discovered that an integer overflow in the ICC parsing\ncode of Ghostscript can lead to the execution of arbitrary code.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 8.71~dfsg2-9+squeeze1.\n\nFor the testing distribution (wheezy), this problem has been fixed in\nversion 9.05~dfsg-6.1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 9.05~dfsg-6.1.\n\nWe recommend that you upgrade your ghostscript packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2012-12-30T15:23:00", "type": "debian", "title": "[SECURITY] [DSA 2595-1] ghostscript security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2012-12-30T15:23:00", "id": "DEBIAN:DSA-2595-1:BB2B1", "href": "https://lists.debian.org/debian-security-announce/2012/msg00239.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:48", "description": "Integer overflow on PostScript/PDF embedded images parsing.", "edition": 1, "cvss3": {}, "published": "2012-09-19T00:00:00", "type": "securityvulns", "title": "icclib / ghostscript integer overflow", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2012-09-19T00:00:00", "id": "SECURITYVULNS:VULN:12591", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12591", "sourceData": "", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:45", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2012:151\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : ghostscript\r\n Date : September 12, 2012\r\n Affected: Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n A security issue was identified and fixed in ghostscript:\r\n \r\n An integer overflow flaw, leading to a heap-based buffer overflow, was\r\n found in Ghostscript&#039;s International Color Consortium Format library\r\n &#40;icclib&#41;. An attacker could create a specially-crafted PostScript or\r\n PDF file with embedded images that would cause Ghostscript to crash\r\n or, potentially, execute arbitrary code with the privileges of the\r\n user running Ghostscript &#40;CVE-2012-4405&#41;.\r\n \r\n The updated packages have been patched to correct this issue.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4405\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Enterprise Server 5:\r\n 977ae6ecfbc3bff97bd4eadfe26df0ee mes5/i586/ghostscript-8.63-62.6mdvmes5.2.i586.rpm\r\n 2e43a0e9c56340e57cfab25d598025dd mes5/i586/ghostscript-common-8.63-62.6mdvmes5.2.i586.rpm\r\n ea8cb18b773aba338169aa2ebbf04b95 mes5/i586/ghostscript-doc-8.63-62.6mdvmes5.2.i586.rpm\r\n 5df859b07b651e1cad51ea57723fa5ff mes5/i586/ghostscript-dvipdf-8.63-62.6mdvmes5.2.i586.rpm\r\n aae418922c445203bdaa3d53ef901f57 mes5/i586/ghostscript-module-X-8.63-62.6mdvmes5.2.i586.rpm\r\n f19c0449254508adbc651a56388fe88f mes5/i586/ghostscript-X-8.63-62.6mdvmes5.2.i586.rpm\r\n 6256d49895b9046c1582004d5787477a mes5/i586/libgs8-8.63-62.6mdvmes5.2.i586.rpm\r\n c346efc4c540ee68d4f262a62690386d mes5/i586/libgs8-devel-8.63-62.6mdvmes5.2.i586.rpm\r\n 11ce657b5614a969ea25d71cb8aae347 mes5/i586/libijs1-0.35-62.6mdvmes5.2.i586.rpm\r\n 1edca661d3a9fdcc2df971e4263696c2 mes5/i586/libijs1-devel-0.35-62.6mdvmes5.2.i586.rpm \r\n dda7b0b949469a08db02523a4705fa9e mes5/SRPMS/ghostscript-8.63-62.6mdvmes5.2.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n e5180ea0a88b1bc012c29c846771563f mes5/x86_64/ghostscript-8.63-62.6mdvmes5.2.x86_64.rpm\r\n 0d1fd9f25543c91e8fa66cbf68f70d7d mes5/x86_64/ghostscript-common-8.63-62.6mdvmes5.2.x86_64.rpm\r\n 2091715e49a9403a13dde41c3690114a mes5/x86_64/ghostscript-doc-8.63-62.6mdvmes5.2.x86_64.rpm\r\n ded9ad507367731d19394034607de9ba mes5/x86_64/ghostscript-dvipdf-8.63-62.6mdvmes5.2.x86_64.rpm\r\n 178b444a8bd86d8487d6635b42df9c5a mes5/x86_64/ghostscript-module-X-8.63-62.6mdvmes5.2.x86_64.rpm\r\n a14d48537ed8e7fc3ac6fc1038b40503 mes5/x86_64/ghostscript-X-8.63-62.6mdvmes5.2.x86_64.rpm\r\n 588cfaf795df7fa453831878822871f1 mes5/x86_64/lib64gs8-8.63-62.6mdvmes5.2.x86_64.rpm\r\n 59064bd56076e1040c8c92a84fb0f045 mes5/x86_64/lib64gs8-devel-8.63-62.6mdvmes5.2.x86_64.rpm\r\n 3a5f902af8cb8c71971f1744a3760ef9 mes5/x86_64/lib64ijs1-0.35-62.6mdvmes5.2.x86_64.rpm\r\n 941c215f139a3ce995685fb138cceb89 mes5/x86_64/lib64ijs1-devel-0.35-62.6mdvmes5.2.x86_64.rpm \r\n dda7b0b949469a08db02523a4705fa9e mes5/SRPMS/ghostscript-8.63-62.6mdvmes5.2.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_&#40;at&#41;_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n &lt;security*mandriva.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.11 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFQUGhOmqjQ0CJFipgRAm2xAKC9laZgTGUd/GimObZpbPyfUhfDOgCfZP7a\r\n3SgRerlRpsWlkxl4bCWkFVo=\r\n=LKkp\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "cvss3": {}, "published": "2012-09-19T00:00:00", "title": "[ MDVSA-2012:151 ] ghostscript", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2012-09-19T00:00:00", "id": "SECURITYVULNS:DOC:28570", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28570", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "cve": [{"lastseen": "2022-03-23T12:55:00", "description": "Multiple integer underflows in the icmLut_allocate function in International Color Consortium (ICC) Format library (icclib), as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) PostScript or (2) PDF file with embedded images, which triggers a heap-based buffer overflow. NOTE: this issue is also described as an array index error.", "cvss3": {}, "published": "2012-09-18T17:55:00", "type": "cve", "title": "CVE-2012-4405", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2017-08-29T01:32:00", "cpe": ["cpe:/a:color:icclib:-", "cpe:/a:argyllcms:cms:-", "cpe:/a:ghostscript:ghostscript:9.06"], "id": "CVE-2012-4405", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4405", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:ghostscript:ghostscript:9.06:*:*:*:*:*:*:*", "cpe:2.3:a:argyllcms:cms:-:*:*:*:*:*:*:*", "cpe:2.3:a:color:icclib:-:*:*:*:*:*:*:*"]}], "suse": [{"lastseen": "2016-09-04T11:28:45", "description": "The following security issue was fixed in ghostscript:\n\n Multiple integer underflows in the icmLut_allocate function\n in International Color Consortium (ICC) Format library\n (icclib), as used in Ghostscript 9.06 and Argyll Color\n Management System, allow remote attackers to cause a denial\n of service (crash) and possibly execute arbitrary code via\n a crafted (1) PostScript or (2) PDF file with embedded\n images, which triggers a heap-based buffer overflow. NOTE:\n this issue is also described as an array index error.\n\n", "cvss3": {}, "published": "2012-10-04T18:09:42", "type": "suse", "title": "ghostscript (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2012-4405"], "modified": "2012-10-04T18:09:42", "id": "OPENSUSE-SU-2012:1289-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00001.html", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T12:25:25", "description": "This update fixes an array index error leading to a\n heap-based buffer overflow in ghostscript-library.\n CVE-2012-4405 has been assigned to this issue.\n", "cvss3": {}, "published": "2012-09-19T23:08:32", "type": "suse", "title": "Security update for ghostscript (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2012-4405"], "modified": "2012-09-19T23:08:32", "id": "SUSE-SU-2012:1222-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00031.html", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "osv": [{"lastseen": "2022-07-21T08:30:17", "description": "\nMarc Schoenefeld discovered that an integer overflow in the ICC parsing\ncode of Ghostscript can lead to the execution of arbitrary code.\n\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 8.71~dfsg2-9+squeeze1.\n\n\nFor the testing distribution (wheezy), this problem has been fixed in\nversion 9.05~dfsg-6.1.\n\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 9.05~dfsg-6.1.\n\n\nWe recommend that you upgrade your ghostscript packages.\n\n\n", "edition": 1, "cvss3": {}, "published": "2012-12-30T00:00:00", "type": "osv", "title": "ghostscript - buffer overflow", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2022-07-21T05:47:51", "id": "OSV:DSA-2595-1", "href": "https://osv.dev/vulnerability/DSA-2595-1", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:38:01", "description": "[8.70-14:.1]\n- Added inputChan lower-bounds checking to icclib (bug #854227,\n CVE-2012-4405).", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "oraclelinux", "title": "ghostscript security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2012-4405"], "modified": "2012-09-11T00:00:00", "id": "ELSA-2012-1256", "href": "http://linux.oracle.com/errata/ELSA-2012-1256.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2022-01-17T19:09:06", "description": "### Background\n\nArgyllCMS is an ICC compatible color management system that supports accurate ICC profile creation for scanners, cameras and film recorders. \n\n### Description\n\nMultiple integer overflow vulnerabilities have been discovered in the ICC Format Library in ArgyllCMS. \n\n### Impact\n\nA remote attacker could entice a user to open a specially crafted image file using ArgyllCMS, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll ArgyllCMS users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-gfx/argyllcms-1.4.0-r1\"", "cvss3": {}, "published": "2014-02-28T00:00:00", "type": "gentoo", "title": "ArgyllCMS: User-assisted execution of arbitrary code", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2014-02-28T00:00:00", "id": "GLSA-201402-29", "href": "https://security.gentoo.org/glsa/201402-29", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-17T19:07:23", "description": "### Background\n\nGhostscript is an interpreter for the PostScript language and for PDF.\n\n### Description\n\nMultiple vulnerabilities have been discovered in GPL Ghostscript. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA context-dependent attacker could entice a user to open a specially crafted PostScript file or PDF using GPL Ghostscript, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll GPL Ghostscript users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=app-text/ghostscript-gpl-9.10-r2\"", "cvss3": {}, "published": "2014-12-13T00:00:00", "type": "gentoo", "title": "GPL Ghostscript: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2009-3743", "CVE-2009-4270", "CVE-2009-4897", "CVE-2010-1628", "CVE-2010-2055", "CVE-2010-4054", "CVE-2012-4405"], "modified": "2014-12-13T00:00:00", "id": "GLSA-201412-17", "href": "https://security.gentoo.org/glsa/201412-17", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2021-10-19T18:40:07", "description": "Ghostscript is a set of software that provides a PostScript interpreter, a\nset of C procedures (the Ghostscript library, which implements the graphics\ncapabilities in the PostScript language) and an interpreter for Portable\nDocument Format (PDF) files.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in Ghostscript's International Color Consortium Format library\n(icclib). An attacker could create a specially-crafted PostScript or PDF\nfile with embedded images that would cause Ghostscript to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nGhostscript. (CVE-2012-4405)\n\nRed Hat would like to thank Marc Schonefeld for reporting this issue.\n\nUsers of Ghostscript are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue.\n", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "redhat", "title": "(RHSA-2012:1256) Moderate: ghostscript security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2018-06-06T16:24:13", "id": "RHSA-2012:1256", "href": "https://access.redhat.com/errata/RHSA-2012:1256", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:51", "description": "Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. Ghostscript translates PostScript code into many common, bitmapped formats, like those understood by your printer or screen. Ghostscript is normally used to display PostScript files and to print PostScript files to non-PostScript printers. If you need to display PostScript files or print them to non-PostScript printers, you should install ghostscript. If you install ghostscript, you also need to install the ghostscript-fonts package. ", "cvss3": {}, "published": "2012-09-28T23:53:55", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: ghostscript-9.05-4.fc17", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2012-09-28T23:53:55", "id": "FEDORA:C506220641", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UC7G3WLVPAMNZDE4FRWGBA7IBCU2R5KT/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "description": "Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. Ghostscript translates PostScript code into many common, bitmapped formats, like those understood by your printer or screen. Ghostscript is normally used to display PostScript files and to print PostScript files to non-PostScript printers. If you need to display PostScript files or print them to non-PostScript printers, you should install ghostscript. If you install ghostscript, you also need to install the ghostscript-fonts package. ", "cvss3": {}, "published": "2012-09-28T23:55:57", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: ghostscript-9.05-2.fc16", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2012-09-28T23:55:57", "id": "FEDORA:8A1E020AD8", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/YTV6NO6N2GPMNB2PXA3VFAMSRC7ETMBG/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2023-01-01T04:45:47", "description": "**CentOS Errata and Security Advisory** CESA-2012:1256\n\n\nGhostscript is a set of software that provides a PostScript interpreter, a\nset of C procedures (the Ghostscript library, which implements the graphics\ncapabilities in the PostScript language) and an interpreter for Portable\nDocument Format (PDF) files.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in Ghostscript's International Color Consortium Format library\n(icclib). An attacker could create a specially-crafted PostScript or PDF\nfile with embedded images that would cause Ghostscript to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nGhostscript. (CVE-2012-4405)\n\nRed Hat would like to thank Marc Schonefeld for reporting this issue.\n\nUsers of Ghostscript are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2012-September/068337.html\nhttps://lists.centos.org/pipermail/centos-announce/2012-September/068339.html\n\n**Affected packages:**\nghostscript\nghostscript-devel\nghostscript-doc\nghostscript-gtk\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2012:1256", "cvss3": {}, "published": "2012-09-11T18:52:01", "type": "centos", "title": "ghostscript security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2012-09-11T20:01:23", "id": "CESA-2012:1256", "href": "https://lists.centos.org/pipermail/centos-announce/2012-September/068337.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2023-01-26T15:57:31", "description": "Multiple integer underflows in the icmLut_allocate function in\nInternational Color Consortium (ICC) Format library (icclib), as used in\nGhostscript 9.06 and Argyll Color Management System, allow remote attackers\nto cause a denial of service (crash) and possibly execute arbitrary code\nvia a crafted (1) PostScript or (2) PDF file with embedded images, which\ntriggers a heap-based buffer overflow. NOTE: this issue is also described\nas an array index error.\n\n#### Bugs\n\n * <https://bugzilla.redhat.com/show_bug.cgi?id=854227>\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687274 (gs)>\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687275 (argyll)>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | icclib isn't built in oneiric.\n", "cvss3": {}, "published": "2012-09-18T00:00:00", "type": "ubuntucve", "title": "CVE-2012-4405", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2012-09-18T00:00:00", "id": "UB:CVE-2012-4405", "href": "https://ubuntu.com/security/CVE-2012-4405", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2023-01-26T13:36:16", "description": "## Releases\n\n * Ubuntu 10.04 \n * Ubuntu 8.04 \n\n## Packages\n\n * ghostscript \\- The GPL Ghostscript PostScript/PDF interpreter\n\nMarc Sch\u00f6nefeld discovered that Ghostscript did not correctly handle \ncertain image files. If a user or automated system were tricked into \nopening a specially crafted file, an attacker could cause a denial of \nservice and possibly execute arbitrary code with user privileges.\n", "cvss3": {}, "published": "2012-09-24T00:00:00", "type": "ubuntu", "title": "Ghostscript vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4405"], "modified": "2012-09-24T00:00:00", "id": "USN-1581-1", "href": "https://ubuntu.com/security/notices/USN-1581-1", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}]}