SUSE: Security Advisory (SUSE-SU-2021:3044-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2021:3180-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for ghostscript (FEDORA-2021-256c80b4eb)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLED12 / SLES12 Security Update : ghostscript (SUSE-SU-2021:3180-1)

The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3180-1 advisory. - A trivial sandbox enabled with the -dSAFER option escape flaw was found in the ghostscript interpreter by injecting a specially...

SUSE-SU-2021:3180-1 Security update for ghostscript

This update for ghostscript fixes the following issues: - CVE-2021-3781: Fixed a trivial -dSAFER bypass command injection bsc1190381...

[SECURITY] Fedora 34 Update: ghostscript-9.54.0-2.1.fc34

This package provides useful conversion utilities based on Ghostscript softwa re, for converting PS, PDF and other document formats between each other. Ghostscript is a suite of software providing an interpreter for Adobe Systems' PostScript PS and Portable Document Format PDF page description...

Security News: Microsoft Patch Tuesday September 2021, OMIGOD, MSHTML RCE, Confluence RCE, Ghostscript RCE, FORCEDENTRY Pegasus

Hello everyone! This time, lets talk about recent vulnerabilities. Ill start with Microsoft Patch Tuesday for September 2021. I created a report using my Vulristics tool. You can see the full report here. The most interesting thing about the September Patch Tuesday is that the top 3 VM vendors...

openSUSE 15 Security Update : ghostscript (openSUSE-SU-2021:1273-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1273-1 advisory. - A trivial sandbox enabled with the -dSAFER option escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe...

openSUSE: Security Advisory for ghostscript (openSUSE-SU-2021:1273-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2021:1273-1 Security update for ghostscript

This update for ghostscript fixes the following issues: Security issue fixed: - CVE-2021-3781: Fixed a trivial -dSAFER bypass command injection bsc1190381 Also a hardening fix was added: - Link as position independent executable bsc1184123 This update was imported from the SUSE:SLE-15:Update upda...

SUSE SLED15 / SLES15 Security Update : ghostscript (SUSE-SU-2021:3044-1)

The remote SUSE Linux SLED15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3044-1 advisory. - A trivial sandbox enabled with the -dSAFER option escape flaw was found in the ghostscript interpreter by injecting a specially...

openSUSE 15 Security Update : ghostscript (openSUSE-SU-2021:3044-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:3044-1 advisory. - A trivial sandbox enabled with the -dSAFER option escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe...

Vulnerability fixed in Artifex Ghostscript

Artifex has fixed a vulnerability in Ghostscript. The vulnerability allows an unauthenticated malicious person to opportunity to execute arbitrary code under the privileges of Ghostscript. To do this, the malicious party must trick the victim into to open a malicious document. Artifex has release...

openSUSE: Security Advisory for ghostscript (openSUSE-SU-2021:3044-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for ghostscript (critical)

openSUSE Security Update: Security update for ghostscript Announcement ID: openSUSE-SU-2021:1273-1 Rating: critical References: 1184123 1190381 Cross-References: CVE-2021-3781 CVSS scores: CVE-2021-3781 SUSE: 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.2 A...

SUSE-SU-2021:3044-1 Security update for ghostscript

This update for ghostscript fixes the following issues: Security issue fixed: - CVE-2021-3781: Fixed a trivial -dSAFER bypass command injection bsc1190381 Also a hardening fix was added: - Link as position independent executable bsc1184123...

OPENSUSE-SU-2021:3044-1 Security update for ghostscript

This update for ghostscript fixes the following issues: Security issue fixed: - CVE-2021-3781: Fixed a trivial -dSAFER bypass command injection bsc1190381 Also a hardening fix was added: - Link as position independent executable bsc1184123...

PDF Light Viewer < 1.4.12 - Authenticated Command Injection

The plugin allows users with Author roles to execute arbitrary OS command on the server via OS Command Injection when invoking Ghostscript. PoC 1 Go to Import PDF. 2 Select PDF file. 3 Set compression as 60 | calc | echo 4 Toggle import the first checkbox 5 Publish or update 6 Command executes...

Security update for ghostscript (critical)

openSUSE Security Update: Security update for ghostscript Announcement ID: openSUSE-SU-2021:3044-1 Rating: critical References: 1184123 1190381 Cross-References: CVE-2021-3781 CVSS scores: CVE-2021-3781 SUSE: 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.3 A...

[ASA-202109-3] ghostscript: arbitrary command execution

Arch Linux Security Advisory ASA-202109-3 ========================================= Severity: High Date : 2021-09-14 CVE-ID : CVE-2021-3781 Package : ghostscript Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-2374 Summary ======= The package ghostscript...