5485 matches found
[SECURITY] [DLA 1620-1] ghostscript security update
Package : ghostscript Version : 9.06dfsg-2+deb8u13 CVE ID : CVE-2018-19134 CVE-2018-19478 Some vulnerabilities were discovered in ghostscript, an interpreter for the PostScript language and for PDF. CVE-2018-19134 The setpattern operator did not properly validate certain types. A specially crafte...
Debian: Security Advisory (DLA-1620-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DLA-1620-1 ghostscript - security update
Bulletin has no description...
Scientific Linux Security Update : ghostscript on SL7.x x86_64 (20181217)
Security Fixes : - ghostscript: Incorrect free logic in pagedevice replacement 699664 CVE-2018-16541 - ghostscript: Incorrect 'restoration of privilege' checking when running out of stack during exception handling CVE-2018-16802 - ghostscript: User-writable error exception table CVE-2018-17183 -...
[SECURITY] [DSA 4346-2] ghostscript regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-4346-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 23, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4346-2] ghostscript regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-4346-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 23, 2018 https://www.debian.org/security/faq -...
DSA-4346-2 ghostscript - regression update
Bulletin has no description...
Amazon Linux AMI : ghostscript (ALAS-2018-1137)
It was discovered that the ghostscript /invalidaccess checks fail under certain conditions. An attacker could possibly exploit this to bypass the -dSAFER protection and, for example, execute arbitrary shell commands via a specially crafted PostScript document.CVE-2018-16509 C Tenable Network...
CVE-2018-19134
In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue...
Type confusion
In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue...
UBUNTU-CVE-2018-19134
In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue...
DEBIAN-CVE-2018-19134
In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue...
CVE-2018-19134
In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue...
CVE-2018-19134
In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue...
CVE-2018-19134
In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue...
CVE-2018-19134
In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue...
CVE-2018-19134
CVE-2018-19134 affects Artifex Ghostscript (through 9.25). The setpattern operator mishandles certain types, causing a type-confusion in the pattern dictionary implementation. This could crash Ghostscript or potentially allow arbitrary code execution within the Ghostscript process when processing...
Important: ghostscript
Issue Overview: It was discovered that the ghostscript /invalidaccess checks fail under certain conditions. An attacker could possibly exploit this to bypass the -dSAFER protection and, for example, execute arbitrary shell commands via a specially crafted PostScript document.CVE-2018-16509 Affect...
The vulnerability of the Sandbox Protection Mechanism component of the software suite for processing, transforming, and generating Ghostscript documents allows a perpetrator to circumvent the protective mechanism of the isolated software environment and disclose the protected information.
The vulnerability of the Sandbox Protection Mechanism, a component of the software for processing, transforming, and generating documents with Ghostscript, is related to the lack of protection for operational data. Exploiting this vulnerability allows an intruder, operating locally, to circumvent...
The vulnerability of the Sandbox Protection Mechanism component of the software for processing, transforming, and generating Ghostscript documents allows a perpetrator to bypass the sandbox protection mechanism and execute arbitrary code.
The vulnerability of the Sandbox Protection Mechanism, a component of the software for processing, transforming, and generating Ghostscript documents, is related to insufficient access control. Exploiting this vulnerability could allow an intruder, operating locally, to bypass the sandbox...