Lucene search
RedHatRHSA-2017:1230HistoryMay 12, 2017 - 8:05 a.m.
(RHSA-2017:1230) Important: ghostscript security update
2017-05-1208:05:57
access.redhat.com
56
0.255 Low
EPSS
Percentile
96.7%
The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.
Security Fix(es):
- It was found that ghostscript did not properly validate the parameters passed to the .rsdparams and .eqproc functions. During its execution, a specially crafted PostScript document could execute code in the context of the ghostscript process, bypassing the -dSAFER protection. (CVE-2017-8291)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 7 | s390x | ghostscript | < 9.07-20.el7_3.5 | ghostscript-9.07-20.el7_3.5.s390x.rpm |
| RedHat | 7 | s390x | ghostscript-cups | < 9.07-20.el7_3.5 | ghostscript-cups-9.07-20.el7_3.5.s390x.rpm |
| RedHat | 7 | ppc64 | ghostscript-debuginfo | < 9.07-20.el7_3.5 | ghostscript-debuginfo-9.07-20.el7_3.5.ppc64.rpm |
| RedHat | 6 | i686 | ghostscript-devel | < 8.70-23.el6_9.2 | ghostscript-devel-8.70-23.el6_9.2.i686.rpm |
| RedHat | 7 | x86_64 | ghostscript-debuginfo | < 9.07-20.el7_3.5 | ghostscript-debuginfo-9.07-20.el7_3.5.x86_64.rpm |
| RedHat | 6 | i686 | ghostscript-debuginfo | < 8.70-23.el6_9.2 | ghostscript-debuginfo-8.70-23.el6_9.2.i686.rpm |
| RedHat | 7 | aarch64 | ghostscript-devel | < 9.07-20.el7_3.5 | ghostscript-devel-9.07-20.el7_3.5.aarch64.rpm |
| RedHat | 7 | ppc64 | ghostscript-gtk | < 9.07-20.el7_3.5 | ghostscript-gtk-9.07-20.el7_3.5.ppc64.rpm |
| RedHat | 7 | ppc64le | ghostscript-gtk | < 9.07-20.el7_3.5 | ghostscript-gtk-9.07-20.el7_3.5.ppc64le.rpm |
| RedHat | 7 | s390 | ghostscript-debuginfo | < 9.07-20.el7_3.5 | ghostscript-debuginfo-9.07-20.el7_3.5.s390.rpm |
Related
cisa_kev
cisa_kev
Artifex Ghostscript Type Confusion Vulnerability
2022-05-24 00:00:00
archlinux
archlinux
[ASA-201705-3] ghostscript: arbitrary command execution
2017-05-07 00:00:00
cvelist
cvelist
CVE-2017-8291
2017-04-27 01:41:00
oraclelinux
oraclelinux
ghostscript security update
2017-05-12 00:00:00
ghostscript security update
2018-12-03 00:00:00
ghostscript security and bug fix update
2017-08-07 00:00:00
nessus
nessus
openvas
openvas
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2017-1101)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2017-1100)
2020-01-23 00:00:00
CentOS Update for ghostscript CESA-2017:1230 centos7
2017-05-16 00:00:00
redhatcve
redhatcve
CVE-2017-8291
2017-04-27 08:19:47
suse
suse
Security update for ghostscript-library (important)
2017-05-17 12:09:28
Security update for ghostscript-library (important)
2017-05-03 15:10:11
Security update for ghostscript (important)
2017-05-24 21:13:32
ubuntucve
ubuntucve
CVE-2017-8291
2017-04-26 00:00:00
zdt
zdt
Ghostscript 9.21 Type Confusion Arbitrary Command Execution Exploit
2017-05-02 00:00:00
checkpoint_advisories
checkpoint_advisories
Ghostscript Type Confusion Arbitrary Command Execution (CVE-2017-8291)
2017-05-08 00:00:00
osv
osv
ghostscript - security update
2017-05-07 00:00:00
CVE-2017-8291
2017-04-27 01:59:02
ghostscript - security update
2017-04-28 00:00:00
nvd
nvd
CVE-2017-8291
2017-04-27 01:59:02
veracode
veracode
Remote Code Execution (RCE)
2019-01-15 09:16:42
packetstorm
packetstorm
Ghostscript 9.21 Type Confusion Arbitrary Command Execution
2017-05-01 00:00:00
amazon
amazon
Important: ghostscript
2017-06-06 16:51:00
thn
thn
North Korea's APT37 Targeting Southern Counterpart with New M2RAT Malware
2023-02-15 14:59:00
Critical Flaws in Ghostscript Could Leave Many Systems at Risk of Hacking
2018-08-22 08:27:00
debian
debian
[SECURITY] [DLA 932-1] ghostscript security update
2017-05-07 05:57:50
[SECURITY] [DSA 3838-1] ghostscript security update
2017-04-28 11:51:39
[SECURITY] [DSA 3838-1] ghostscript security update
2017-04-28 11:51:39
centos
centos
ghostscript security update
2017-05-15 15:59:50
alpinelinux
alpinelinux
CVE-2017-8291
2017-04-27 01:59:02
metasploit
metasploit
Ghostscript Type Confusion Arbitrary Command Execution
2017-04-28 14:56:52
debiancve
debiancve
CVE-2017-8291
2017-04-27 01:59:02
hackerone
hackerone
Basecamp: Remote code execution on Basecamp.com
2018-06-13 07:27:51
attackerkb
attackerkb
CVE-2017-8291
2017-04-27 00:00:00
f5
f5
K01362377 : Ghostscript vulnerability CVE-2017-8291
2017-05-08 00:00:00
ibm
ibm
Security Bulletin: A vulnerability in ghostscript affects PowerKVM
2018-06-18 01:36:14
prion
prion
Type confusion
2017-04-27 01:59:00
cve
cve
CVE-2017-8291
2017-04-27 01:59:02
seebug
seebug
Ghostscript remote code execution (CVE-2017-8291)
(ghostbutt)
2017-04-29 00:00:00
exploitdb
exploitdb
Ghostscript 9.21 - Type Confusion Arbitrary Command Execution (Metasploit)
2017-05-02 00:00:00
rapid7community
rapid7community
Metasploit Weekly Wrapup
2017-05-05 20:37:48
ubuntu
ubuntu
Ghostscript regression
2017-05-16 00:00:00
Ghostscript vulnerabilities
2017-04-28 00:00:00
gentoo
gentoo
GPL Ghostscript: Multiple vulnerabilities
2017-08-21 00:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: ghostscript-9.20-10.fc26
2017-05-08 14:25:23
[SECURITY] Fedora 24 Update: ghostscript-9.20-9.fc24
2017-05-15 04:28:05
[SECURITY] Fedora 25 Update: ghostscript-9.20-9.fc25
2017-05-07 00:03:32
mageia
mageia
Updated ghostscript packages fix security vulnerability
2017-05-08 01:16:00