5485 matches found
The vulnerability of the .pdfhook_DSC_Creator procedure of the Ghostscript file conversion program allows a hacker to gain access to the file system.
The vulnerability of the .pdfhookDSCCreator procedure of the Ghostscript file conversion program is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to gain access to the file system by circumventing the restrictions imposed by -dSAFER, using a...
CentOS Update for ghostscript CESA-2019:2586 centos7
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
The vulnerability of the .buildfont1 procedure in the Ghostscript file conversion program allows a perpetrator to gain elevated privileges and access to the file system.
The vulnerability of the .buildfont1 procedure in the Ghostscript file conversion program is related to the improper use of privileged APIs. Exploiting this vulnerability allows a malicious actor to enhance their privileges and gain access to the file system beyond the restrictions imposed by...
CentOS 7 : ghostscript (CESA-2019:2586)
An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
ghostscript, libgs security update
CentOS Errata and Security Advisory CESA-2019:2586 An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
OPENSUSE-SU-2019:2139-1 Security update for ghostscript
This update for ghostscript fixes the following issues: Security issue fixed: - CVE-2019-10216: Fix privilege escalation via specially crafted PostScript file bsc1144621. This update was imported from the SUSE:SLE-15:Update update project...
openSUSE Security Update : ghostscript (openSUSE-2019-2139)
This update for ghostscript fixes the following issues : Security issue fixed : - CVE-2019-10216: Fix privilege escalation via specially crafted PostScript file bsc1144621. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text a...
Security update for ghostscript (moderate)
openSUSE Security Update: Security update for ghostscript Announcement ID: openSUSE-SU-2019:2139-1 Rating: moderate References: 1144621 Cross-References: CVE-2019-10216 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...
MGASA-2019-0271 Updated ghostscript packages fix security vulnerabilities
The updated packages fix security vulnerabilities: Safer Mode Bypass by .forceput Exposure in .pdfhookDSCCreator. CVE-2019-14811 Safer Mode Bypass by .forceput Exposure in setuserparams. CVE-2019-14812 Safer Mode Bypass by .forceput Exposure in setsystemparams. CVE-2019-14813 Safer Mode Bypass by...
Updated ghostscript packages fix security vulnerabilities
The updated packages fix security vulnerabilities: Safer Mode Bypass by .forceput Exposure in .pdfhookDSCCreator. CVE-2019-14811 Safer Mode Bypass by .forceput Exposure in setuserparams. CVE-2019-14812 Safer Mode Bypass by .forceput Exposure in setsystemparams. CVE-2019-14813 Safer Mode Bypass by...
SUSE SLED12 / SLES12 Security Update : ghostscript (SUSE-SU-2019:2347-1)
This update for ghostscript fixes the following issues : Security issue fixed : CVE-2019-10216: Fix privilege escalation via specially crafted PostScript file bsc1144621. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory...
SUSE SLED15 / SLES15 Security Update : ghostscript (SUSE-SU-2019:2348-1)
This update for ghostscript fixes the following issues : Security issue fixed : CVE-2019-10216: Fix privilege escalation via specially crafted PostScript file bsc1144621. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory...
SUSE-SU-2019:2348-1 Security update for ghostscript
This update for ghostscript fixes the following issues: Security issue fixed: - CVE-2019-10216: Fix privilege escalation via specially crafted PostScript file bsc1144621...
SUSE-SU-2019:2347-1 Security update for ghostscript
This update for ghostscript fixes the following issues: Security issue fixed: - CVE-2019-10216: Fix privilege escalation via specially crafted PostScript file bsc1144621...
Debian DLA-1915-1 : ghostscript security update
It was discovered that various procedures in Ghostscript, the GPL PostScript/PDF interpreter, do not properly restrict privileged calls, which could result in bypass of file system restrictions of the dSAFER sandbox. For Debian 8 'Jessie', these problems have been fixed in version...
Debian: Security Advisory (DSA-4518-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-1915-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 1915-1] ghostscript security update
Package : ghostscript Version : 9.26adfsg-0+deb8u5 CVE ID : CVE-2019-14811 CVE-2019-14812 CVE-2019-14813 CVE-2019-14817 It was discovered that various procedures in Ghostscript, the GPL PostScript/PDF interpreter, do not properly restrict privileged calls, which could result in bypass of file...
Debian DSA-4518-1 : ghostscript - security update
It was discovered that various procedures in Ghostscript, the GPL PostScript/PDF interpreter, do not properly restrict privileged calls, which could result in bypass of file system restrictions of the dSAFER sandbox. C Tenable Network Security, Inc. The descriptive text and package checks in this...
DLA-1915-1 ghostscript - security update
Bulletin has no description...