10 matches found
MiracleLinux 7 : ghostscript-9.25-2.el7.3 (AXSA:2019-4385:04)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-4385:04 advisory. ghostscript: -dSAFER escape in .charkeys 701841 CVE-2019-14869 Tenable has extracted the preceding description block directly from the MiracleLinux security...
The vulnerability of the .charkeys procedure in the PostScript/PDF Ghostscript interpreter allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service interruptions.
The vulnerability of the .charkeys procedure in the PostScript/PDF Ghostscript interpreter is related to a security protection flaw that allows scripts to bypass the "-dSAFER" restriction. Exploiting this vulnerability can enable an attacker operating remotely to gain access to confidential data,...
ghostscript: -dSAFER escape in .charkeys (701841)
A flaw was found in the .charkeys procedure, where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges within the Ghostscript and access...
DEBIAN-CVE-2019-14869
A flaw was found in all versions of ghostscript 9.x before 9.50, where the .charkeys procedure, where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could...
ALPINE-CVE-2019-14869
A flaw was found in all versions of ghostscript 9.x before 9.50, where the .charkeys procedure, where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could...
Information Disclosure
ghostscript is vulnerable to information disclosure. The vulnerability exists due to -dSAFER escape in .charkeys...
ghostscript security update
9.25-2.3 - 1769340 - CVE-2019-14869 ghostscript: -dSAFER escape in .charkeys...
ghostscript: -dSAFER escape in .charkeys (701841)
A flaw was found in the .charkeys procedure, where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges within the Ghostscript and access...
CVE-2019-14869
A flaw was found in the .charkeys procedure, where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges within the Ghostscript and access...
UBUNTU-CVE-2019-14869
A flaw was found in all versions of ghostscript 9.x before 9.50, where the .charkeys procedure, where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could...