34 matches found
MiracleLinux 7 : ghostscript-9.25-2.el7.2 (AXSA:2019-4296:03)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4296:03 advisory. ghostscript: Safer mode bypass by .forceput exposure in .pdfhookDSCCreator 701445 CVE-2019-14811 ghostscript: Safer mode bypass by .forceput exposur...
EUVD-2016-8825
Malware in sbrugna...
ghostscript: format string injection leads to shell command execution (SAFER bypass)
A flaw in Ghostscript has been identified where the uniprint device allows users to pass various string fragments as device options. These strings, particularly upWriteComponentCommands and upYMoveCommand, are treated as format strings for gpfprintf and gssnprintf. This lack of restriction permit...
SUSE CVE-2016-7977
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document...
SUSE CVE-2016-7979
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initializedscparser...
SUSE CVE-2019-14813
A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the fil...
SUSE: Security Advisory (SUSE-SU-2019:2478-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 8 : ghostscript (CESA-2019:2591)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:2591 advisory. - ghostscript: Safer mode bypass by .forceput exposure in .pdfhookDSCCreator 701445 CVE-2019-14811 - ghostscript: Safer mode bypass by .forceput exposu...
openSUSE: Security Advisory for ghostscript (openSUSE-SU-2019:2223-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : ghostscript (openSUSE-2019-2223)
This update for ghostscript fixes the following issues : Security issues fixed : - CVE-2019-3835: Fixed an unauthorized file system access caused by an available superexec operator. bsc1129180 - CVE-2019-3839: Fixed an unauthorized file system access caused by available privileged operators...
openSUSE Security Update : ghostscript (openSUSE-2019-2222)
This update for ghostscript fixes the following issues : Security issues fixed : - CVE-2019-3835: Fixed an unauthorized file system access caused by an available superexec operator. bsc1129180 - CVE-2019-3839: Fixed an unauthorized file system access caused by available privileged operators...
openSUSE: Security Advisory for ghostscript (openSUSE-SU-2019:2222-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2019:2222-1 Security update for ghostscript
This update for ghostscript fixes the following issues: Security issues fixed: - CVE-2019-3835: Fixed an unauthorized file system access caused by an available superexec operator. bsc1129180 - CVE-2019-3839: Fixed an unauthorized file system access caused by available privileged operators...
Security update for ghostscript (important)
openSUSE Security Update: Security update for ghostscript Announcement ID: openSUSE-SU-2019:2223-1 Rating: important References: 1129180 1129186 1134156 1140359 1146882 1146884 Cross-References: CVE-2019-12973 CVE-2019-14811 CVE-2019-14812 CVE-2019-14813 CVE-2019-14817 CVE-2019-3835 CVE-2019-3839...
SUSE SLED12 / SLES12 Security Update : ghostscript (SUSE-SU-2019:2478-1)
This update for ghostscript to 9.27 fixes the following issues : Security issues fixed : CVE-2019-3835: Fixed an unauthorized file system access caused by an available superexec operator. bsc1129180 CVE-2019-3839: Fixed an unauthorized file system access caused by available privileged operators...
SUSE-SU-2019:2478-1 Security update for ghostscript
This update for ghostscript to 9.27 fixes the following issues: Security issues fixed: - CVE-2019-3835: Fixed an unauthorized file system access caused by an available superexec operator. bsc1129180 - CVE-2019-3839: Fixed an unauthorized file system access caused by available privileged operators...
SUSE SLED15 / SLES15 Security Update : ghostscript (SUSE-SU-2019:2460-1)
This update for ghostscript fixes the following issues : Security issues fixed : CVE-2019-3835: Fixed an unauthorized file system access caused by an available superexec operator. bsc1129180 CVE-2019-3839: Fixed an unauthorized file system access caused by available privileged operators. bsc11341...
MGASA-2019-0271 Updated ghostscript packages fix security vulnerabilities
The updated packages fix security vulnerabilities: Safer Mode Bypass by .forceput Exposure in .pdfhookDSCCreator. CVE-2019-14811 Safer Mode Bypass by .forceput Exposure in setuserparams. CVE-2019-14812 Safer Mode Bypass by .forceput Exposure in setsystemparams. CVE-2019-14813 Safer Mode Bypass by...
Updated ghostscript packages fix security vulnerabilities
The updated packages fix security vulnerabilities: Safer Mode Bypass by .forceput Exposure in .pdfhookDSCCreator. CVE-2019-14811 Safer Mode Bypass by .forceput Exposure in setuserparams. CVE-2019-14812 Safer Mode Bypass by .forceput Exposure in setsystemparams. CVE-2019-14813 Safer Mode Bypass by...
Oracle Linux 8 : ghostscript (ELSA-2019-2591)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-2591 advisory. - Resolves: 1744010 - CVE-2019-14811 ghostscript: Safer Mode Bypass by .forceput Exposure in .pdfhookDSCCreator 701445 - Resolves: 1744014 -...