Lucene search
OracleLinuxELSA-2019-2586HistorySep 02, 2019 - 12:00 a.m.
ghostscript security update
2019-09-0200:00:00
linux.oracle.com
139
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
[9.25-2.2]
- Resolves: #1744008 - CVE-2019-14811 ghostscript: Safer Mode Bypass by .forceput Exposure in .pdf_hook_DSC_Creator (701445)
- Resolves: #1744012 - CVE-2019-14812 ghostscript: Safer Mode Bypass by .forceput Exposure in setuserparams (701444)
- Resolves: #1744003 - CVE-2019-14813 ghostscript: Safer Mode Bypass by .forceput Exposure in setsystemparams (701443)
- Resolves: #1744228 - CVE-2019-14817 ghostscript: Safer Mode Bypass by .forceput Exposure in .pdfexectoken and other procedures (701450)
[9.25-2.1] - Resolves: #1737338 - CVE-2019-10216 ghostscript: -dSAFER escape via .buildfont1 (701394)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 7 | src | ghostscript | < 9.25-2.el7_7.2 | ghostscript-9.25-2.el7_7.2.src.rpm |
| oracle linux | 7 | aarch64 | ghostscript | < 9.25-2.el7_7.2 | ghostscript-9.25-2.el7_7.2.aarch64.rpm |
| oracle linux | 7 | aarch64 | ghostscript-cups | < 9.25-2.el7_7.2 | ghostscript-cups-9.25-2.el7_7.2.aarch64.rpm |
| oracle linux | 7 | noarch | ghostscript-doc | < 9.25-2.el7_7.2 | ghostscript-doc-9.25-2.el7_7.2.noarch.rpm |
| oracle linux | 7 | aarch64 | ghostscript-gtk | < 9.25-2.el7_7.2 | ghostscript-gtk-9.25-2.el7_7.2.aarch64.rpm |
| oracle linux | 7 | aarch64 | libgs | < 9.25-2.el7_7.2 | libgs-9.25-2.el7_7.2.aarch64.rpm |
| oracle linux | 7 | aarch64 | libgs-devel | < 9.25-2.el7_7.2 | libgs-devel-9.25-2.el7_7.2.aarch64.rpm |
| oracle linux | 7 | src | ghostscript | < 9.25-2.el7_7.2 | ghostscript-9.25-2.el7_7.2.src.rpm |
| oracle linux | 7 | i686 | ghostscript | < 9.25-2.el7_7.2 | ghostscript-9.25-2.el7_7.2.i686.rpm |
| oracle linux | 7 | x86_64 | ghostscript | < 9.25-2.el7_7.2 | ghostscript-9.25-2.el7_7.2.x86_64.rpm |
Related
oraclelinux
oraclelinux
ghostscript security update
2019-09-06 00:00:00
ghostscript security update
2019-08-16 00:00:00
ghostscript security update
2019-08-13 00:00:00
nessus
nessus
Oracle Linux 8 : ghostscript (ELSA-2019-2591)
2019-09-09 00:00:00
Debian DSA-4518-1 : ghostscript - security update
2019-09-09 00:00:00
CentOS 8 : ghostscript (CESA-2019:2591)
2021-01-29 00:00:00
osv
osv
ghostscript - security update
2019-09-07 00:00:00
ghostscript - security update
2019-09-09 00:00:00
ghostscript - security update
2019-08-13 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-4518-1)
2019-09-10 00:00:00
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2020-1348)
2020-04-01 00:00:00
Ubuntu: Security Advisory (USN-4111-1)
2019-08-29 00:00:00
archlinux
archlinux
[ASA-201911-5] ghostscript: sandbox escape
2019-11-03 00:00:00
debian
debian
[SECURITY] [DLA 1915-1] ghostscript security update
2019-09-09 12:08:44
[SECURITY] [DSA 4518-1] ghostscript security update
2019-09-07 15:42:39
[SECURITY] [DSA 4518-1] ghostscript security update
2019-09-07 15:42:39
redhat
redhat
(RHSA-2019:2586) Important: ghostscript security update
2019-09-02 07:04:45
(RHSA-2019:2534) Important: Red Hat 3scale API Management 2.6.0 release and security update
2019-08-21 11:27:32
(RHSA-2019:2591) Important: ghostscript security update
2019-09-02 07:36:36
freebsd
freebsd
Ghostscript -- Security bypass vulnerabilities
2019-08-20 00:00:00
centos
centos
ghostscript, libgs security update
2019-09-18 18:44:20
mageia
mageia
Updated ghostscript packages fix security vulnerabilities
2019-09-12 22:09:52
Updated ghostscript packages fix security vulnerability
2019-08-31 16:22:36
fedora
fedora
[SECURITY] Fedora 30 Update: ghostscript-9.27-2.fc30
2019-11-18 01:19:29
[SECURITY] Fedora 30 Update: ghostscript-9.27-1.fc30
2019-09-25 01:09:18
[SECURITY] Fedora 31 Update: ghostscript-9.27-1.fc31
2019-09-22 01:23:29
ubuntu
ubuntu
Ghostscript vulnerabilities
2019-08-29 00:00:00
Ghostscript vulnerability
2019-08-12 00:00:00
gentoo
gentoo
GPL Ghostscript: Multiple vulnerabilities
2020-04-01 00:00:00
suse
suse
Security update for ghostscript (important)
2019-09-30 00:00:00
Security update for ghostscript (important)
2019-09-30 00:00:00
Security update for ghostscript (moderate)
2019-09-24 00:00:00
prion
prion
Authentication flaw
2019-11-27 13:15:00
Command injection
2019-09-03 16:15:00
Command injection
2019-09-06 14:15:00
ubuntucve
ubuntucve
debiancve
debiancve
alpinelinux
alpinelinux
myhack58
myhack58
cve
cve
veracode
veracode
Privilege Escalation
2019-08-13 00:29:28
Safer Restriction Bypass
2019-09-03 00:20:39
Safer Restriction Bypass
2019-09-03 00:20:36
redhatcve
redhatcve
symantec
symantec
Artifex Ghostscript CVE-2019-14812 Remote Privilege Escalation Vulnerability
2019-08-20 00:00:00
amazon
amazon
Important: ghostscript
2021-02-17 00:58:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related for ELSA-2019-2586