5485 matches found
CVE-2019-14813
A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the fil...
CVE-2019-14812
A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the...
Artifex Software Ghostscript Permission License and Access Control Issues Vulnerability (CNVD-2019-41843)
Artifex Software Ghostscript is an open source parser for Postscript a page description language and programming language used in the electronics industry and desktop publishing from Artifex Software, Inc. The product can display Postscript files as well as print Postscript files on non-PostScrip...
CVE-2019-14811
A flaw was found in, ghostscript versions prior to 9.50, in the .pdfhookDSCCreator procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the fi...
UBUNTU-CVE-2019-14817
A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to...
UBUNTU-CVE-2019-14811
A flaw was found in, ghostscript versions prior to 9.50, in the .pdfhookDSCCreator procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the fi...
UBUNTU-CVE-2019-14812
A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the...
Scientific Linux Security Update : ghostscript on SL7.x x86_64 (20190806)
The following packages have been upgraded to a later upstream version: ghostscript 9.25. Security Fixes : - ghostscript: status command permitted with -dSAFER in psi/zfile.c allowing attackers to identify the size and existence of files CVE-2018-11645 C Tenable Network Security, Inc. The...
EulerOS 2.0 SP8 : ghostscript (EulerOS-SA-2019-1823)
According to the version of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In Artifex Ghostscript before 9.26, a carefully crafted PDF file can trigger an extremely long running computation when parsing the...
Scientific Linux Security Update : ghostscript on SL7.x x86_64 (20190812)
Security Fixes : - ghostscript: -dSAFER escape via .buildfont1 701394 CVE-2019-10216 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include"compat.inc"; if description scriptid128273; scriptversion"1.7"; scriptsetattributeattribute:"pluginmodificationdate",...
Fedora Update for ghostscript FEDORA-2019-22f1c93255
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Important: Red Hat Security Advisory: Red Hat 3scale API Management 2.6.0 release and security update
A security update for Red Hat 3scale API Management Platform is now available from the Red Hat Container Catalog. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...
[SECURITY] Fedora 29 Update: ghostscript-9.26-5.fc29
This package provides useful conversion utilities based on Ghostscript soft ware, for converting PS, PDF and other document formats between each other. Ghostscript is a suite of software providing an interpreter for Adobe Syste ms' PostScript PS and Portable Document Format PDF page description...
[SECURITY] Fedora 30 Update: ghostscript-9.26-5.fc30
This package provides useful conversion utilities based on Ghostscript soft ware, for converting PS, PDF and other document formats between each other. Ghostscript is a suite of software providing an interpreter for Adobe Syste ms' PostScript PS and Portable Document Format PDF page description...
Fedora 29 : ghostscript (2019-22f1c93255)
Fix for CVE-2019-10216 added Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...
Fedora 30 : ghostscript (2019-93e0145607)
Fix for CVE-2019-10216 added Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...
Fedora Update for ghostscript FEDORA-2019-93e0145607
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Artifex Ghostscript CVE-2019-14812 Remote Privilege Escalation Vulnerability
Description Ghostscript is prone to a remote privilege-escalation vulnerability. A remote attacker can exploit this issue to gain elevated privileges and access arbitrary files or execute arbitrary commands on the affected system. Versions prior to Ghostscript 9.50 are vulnerable. Technologies...
Oracle Linux 8 : ghostscript (ELSA-2019-2465)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-2465 advisory. 9.25-2.2 - Resolves: 1737336 - CVE-2019-10216 ghostscript: -dSAFER escape via .buildfont1 701394 Tenable has extracted the preceding description block directly...
Oracle Linux 7 : ghostscript (ELSA-2019-2462)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-2462 advisory. 9.25-2.1 - Resolves: 1737338 - CVE-2019-10216 ghostscript: -dSAFER escape via .buildfont1 701394 Tenable has extracted the preceding description block directly...