15 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-11645
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the...
Oracle Linux 7 : ghostscript (ELSA-2019-2281)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-2281 advisory. - Resolves: 1673399 - CVE-2019-3839 ghostscript: missing attack vector protections for CVE-2019-6116 - Resolves: 1678172 - CVE-2019-3835 ghostscript: superexec...
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2021-1788)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2020-1240)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2019-2151)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL CORE 5.05 / MAIN 5.05 : ghostscript Multiple Vulnerabilities (NS-SA-2019-0250)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has ghostscript packages installed that are affected by multiple vulnerabilities: - psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to...
NewStart CGSL CORE 5.04 / MAIN 5.04 : ghostscript Multiple Vulnerabilities (NS-SA-2019-0203)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has ghostscript packages installed that are affected by multiple vulnerabilities: - psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to...
Scientific Linux Security Update : ghostscript on SL7.x x86_64 (20190806)
The following packages have been upgraded to a later upstream version: ghostscript 9.25. Security Fixes : - ghostscript: status command permitted with -dSAFER in psi/zfile.c allowing attackers to identify the size and existence of files CVE-2018-11645 C Tenable Network Security, Inc. The...
[SECURITY] [DSA 4336-1] ghostscript security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4336-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 10, 2018 https://www.debian.org/security/faq -...
CVE-2018-11645
Ghostscript did not honor the -dSAFER option when executing the "status" instruction, which can be used to retrieve information such as a file's existence and size. A specially crafted postscript document could use this flow to gain information on the targeted system's filesystem content...
CVE-2018-11645
psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977...
CVE-2018-11645
psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977...
CVE-2018-11645
Ghostscript (psi/zfile.c) before 9.21rc1 permits the status command even with -dSAFER, enabling remote attackers to determine the existence and size of arbitrary files. This CVE (CVE-2018-11645) is referenced in multiple advisories; upstream context ties it to Ghostscript’s handling of SAFER and ...
CVE-2018-11645
psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977...
CVE-2018-11645
psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977...