The vulnerability of the Sandbox Protection Mechanism component of the software for processing, transforming, and generating Ghostscript documents allows a perpetrator to bypass the sandbox protection mechanism and execute arbitrary code.

The vulnerability of the Sandbox Protection Mechanism, a component of the software for processing, transforming, and generating Ghostscript documents, is related to insufficient access control. Exploiting this vulnerability could allow an intruder, operating locally, to bypass the sandbox...

The vulnerability of the Sandbox Protection Mechanism component of the software suite for processing, transforming, and generating Ghostscript documents allows a perpetrator to circumvent the protective mechanism of the isolated software environment and disclose the protected information.

The vulnerability of the Sandbox Protection Mechanism, a component of the software for processing, transforming, and generating documents with Ghostscript, is related to the lack of protection for operational data. Exploiting this vulnerability allows an intruder, operating locally, to circumvent...

CVE-2018-17961

Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183...

CVE-2017-5206

Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument...

CVE-2016-1443

The virtual network stack on Cisco AMP Threat Grid Appliance devices before 2.1.1 allows remote attackers to bypass a sandbox protection mechanism, and consequently obtain sensitive interprocess information or modify interprocess data, via a crafted malware sample...

Design/Logic Flaw

The com.ibm.CORBA.iiop.ClientDelegate class in IBM SDK, Java Technology Edition 6 before SR16 FP25 6.0.16.25, 6 R1 before SR8 FP25 6.1.8.25, 7 before SR9 FP40 7.0.9.40, 7 R1 before SR3 FP40 7.1.3.40, and 8 before SR3 8.0.3.0 uses the invoke method of the java.lang.reflect.Method class in an...

Ubuntu 14.04 LTS : Oxide vulnerability (USN-2905-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2905-1 advisory. A security issue was discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypas...

USN-2905-1: Oxide vulnerability

A security issue was discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions or a sandbox protection mechanism. CVE-2016-1629...

Privilege escalation

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow attackers to bypass an application sandbox protection mechanism and perform unspecified filesystem actions via a crafted...

CVE-2015-1427

The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker...

Race condition

Race condition in the MoveFileEx call hook feature in Adobe Reader and Acrobat 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently write to files in arbitrary locations, via an NTFS junction attack, a similar issue to CVE-2014-0568...

CVE-2014-4427

App Sandbox in Apple OS X before 10.10 allows attackers to bypass a sandbox protection mechanism via the accessibility API...

Design/Logic Flaw

Use-after-free vulnerability in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014...

CVE-2014-1256

Buffer overflow in Apple Type Services ATS in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages...