21 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-15911
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to...
BELL-CVE-2018-15911 CVE-2018-15911 does not affect BellSoft software
Bulletin has no description...
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2019-1022)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2019-1209)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2019-1049)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2019-1205)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2018-1412)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2019-1016)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-15911
It was discovered that ghostscript did not properly verify the key used in aesdecode. An attacker could possibly exploit this to bypass the -dSAFER protection and crash ghostscript or, possibly, execute arbitrary code in the ghostscript context via a specially crafted PostScript document...
EulerOS Virtualization 2.5.3 : ghostscript (EulerOS-SA-2019-1205)
According to the versions of the ghostscript package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - It was discovered that the ghostscript .tempfile function did not properly handle file permissions. An attacker could possibl...
EulerOS 2.0 SP2 : ghostscript (EulerOS-SA-2019-1049)
According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ghostscript: Incorrect 'restoration of privilege' checking when running out of stack during exception handling CVE-2018-16802 - ghostscript...
Fedora 28 : ghostscript (2018-56221eb24b)
This is a rebase to latest upstream version of Ghostscript, which fixes several high important CVEs recently discovered. It is advised to update this version as soon as possible. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update syste...
Scientific Linux Security Update : ghostscript on SL7.x x86_64 (20181217)
Security Fixes : - ghostscript: Incorrect free logic in pagedevice replacement 699664 CVE-2018-16541 - ghostscript: Incorrect 'restoration of privilege' checking when running out of stack during exception handling CVE-2018-16802 - ghostscript: User-writable error exception table CVE-2018-17183 -...
ghostscript security and bug fix update
9.07-31.el76.6 - Resolves: 1657822 - ghostscript: Regression: Warning: Dropping incorrect smooth shading object Error: /rangecheck in --run-- 9.07-31.el76.5 - Resolves: 1654621 - CVE-2018-16541 ghostscript: incorrect free logic in pagedevice replacement 699664 - Resolves: 1650210 - CVE-2018-17183...
SUSE SLES12 Security Update : ghostscript (SUSE-SU-2018:2975-2)
This update for ghostscript to version 9.25 fixes the following issues : These security issues were fixed : CVE-2018-17183: Remote attackers were be able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code bsc1109105 CVE-2018-15909: Prevent type confusio...
SUSE-SU-2018:2975-2 Security update for ghostscript
This update for ghostscript to version 9.25 fixes the following issues: These security issues were fixed: - CVE-2018-17183: Remote attackers were be able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code bsc1109105 - CVE-2018-15909: Prevent type...
openSUSE: Security Advisory for ghostscript (openSUSE-SU-2018:3036-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Debian DSA-4288-1 : ghostscript - security update
Tavis Ormandy discovered multiple vulnerabilites in Ghostscript, an interpreter for the PostScript language, which could result in denial of service, the creation of files or the execution of arbitrary code if a malformed Postscript file is processed despite the dSAFER sandbox being enabled. C...
CVE-2018-15911
In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execute code...
CVE-2018-15911
In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execute code...