CVE-2019-10216

It was found that the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas...

CVE-2019-13325

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.909. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

EulerOS 2.0 SP8 : ghostscript (EulerOS-SA-2019-2076)

According to the version of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An...

Fedora Update for ghostscript FEDORA-2019-953fc0f16d

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : ghostscript (openSUSE-2019-2160)

This update for ghostscript fixes the following issues : Security issue fixed : - CVE-2019-10216: Fix privilege escalation via specially crafted PostScript file bsc1144621. This update was imported from the SUSE:SLE-15:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Th...

Security update for ghostscript (moderate)

openSUSE Security Update: Security update for ghostscript Announcement ID: openSUSE-SU-2019:2160-1 Rating: moderate References: 1144621 Cross-References: CVE-2019-10216 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for...

EulerOS 2.0 SP3 : ghostscript (EulerOS-SA-2019-2031)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Artifex Ghostscript before 9.26, a carefully crafted PDF file can trigger an extremely long running computation when parsing the...

The vulnerability of the setsystemparams procedure of the Ghostscript file conversion program allows a attacker to execute arbitrary commands or gain access to the file system.

The vulnerability of the setsystemparams procedure in the Ghostscript program for converting PostScript format files is related to deficiencies in access control. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary commands or gain access to the file system ...

The vulnerability of the .buildfont1 procedure in the Ghostscript file conversion program allows a perpetrator to gain elevated privileges and access to the file system.

The vulnerability of the .buildfont1 procedure in the Ghostscript file conversion program is related to the improper use of privileged APIs. Exploiting this vulnerability allows a malicious actor to enhance their privileges and gain access to the file system beyond the restrictions imposed by...

The vulnerability of the .setuserparams2 procedure of the Ghostscript file conversion program allows a attacker to execute arbitrary commands or gain access to the file system.

The vulnerability of the .setuserparams2 procedure in the Ghostscript file conversion program is related to the improper use of privileged APIs. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary commands or gain access to the file system by circumventing t...

The vulnerability of the .pdfexecoken process of the Ghostscript file conversion program allows a perpetrator to execute arbitrary commands or gain access to the file system.

The vulnerability of the .pdfexecoken procedure in the Ghostscript file conversion program is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely or gain access to the file system bypassing the restrictions impos...

The vulnerability of the .pdfhook_DSC_Creator procedure of the Ghostscript file conversion program allows a hacker to gain access to the file system.

The vulnerability of the .pdfhookDSCCreator procedure of the Ghostscript file conversion program is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to gain access to the file system by circumventing the restrictions imposed by -dSAFER, using a...

CentOS 7 : ghostscript (CESA-2019:2586)

An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

ghostscript, libgs security update

CentOS Errata and Security Advisory CESA-2019:2586 An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

PT-2019-13261 · Foxit · Foxit Studio Photo

Name of the Vulnerable Software and Affected Versions: Foxit Studio Photo version 3.6.6.909 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The...

Security update for ghostscript (moderate)

openSUSE Security Update: Security update for ghostscript Announcement ID: openSUSE-SU-2019:2139-1 Rating: moderate References: 1144621 Cross-References: CVE-2019-10216 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...

openSUSE Security Update : ghostscript (openSUSE-2019-2139)

This update for ghostscript fixes the following issues : Security issue fixed : - CVE-2019-10216: Fix privilege escalation via specially crafted PostScript file bsc1144621. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text a...

SUSE SLED12 / SLES12 Security Update : ghostscript (SUSE-SU-2019:2347-1)

This update for ghostscript fixes the following issues : Security issue fixed : CVE-2019-10216: Fix privilege escalation via specially crafted PostScript file bsc1144621. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory...

SUSE SLED15 / SLES15 Security Update : ghostscript (SUSE-SU-2019:2348-1)

This update for ghostscript fixes the following issues : Security issue fixed : CVE-2019-10216: Fix privilege escalation via specially crafted PostScript file bsc1144621. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory...

Debian: Security Advisory (DLA-1915-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...