Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2019/10/18 11:20 a.m.30 views

CVE-2018-16585

DISPUTED An issue was discovered in Artifex Ghostscript before 9.24. The .setdistillerkeys PostScript command is accepted even though it is not intended for use during document processing e.g., after the startup phase. This leads to memory corruption, allowing remote attackers able to supply...

7.8CVSS0.8AI score0.03037EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/10/22 12:0 a.m.36 views

SUSE SLES12 Security Update : ghostscript (SUSE-SU-2018:2975-2)

This update for ghostscript to version 9.25 fixes the following issues : These security issues were fixed : CVE-2018-17183: Remote attackers were be able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code bsc1109105 CVE-2018-15909: Prevent type confusio...

9.3CVSS7.2AI score0.92499EPSS
Exploits5References49
Tenable Nessus
Tenable Nessus
added 2018/09/12 12:0 a.m.43 views

Artifex Ghostscript Multiple Vulnerabilities

The version of Artifex Ghostscript installed on the remote Windows host is prior to 9.24. It is, therefore, affected by multiple vulnerabilities due to improperly handling PostScript data. A context-dependent attacker could cause a buffer overflow, potentially crashing the service. C Tenable...

7.8CVSS6.7AI score0.03037EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2018/09/10 12:0 a.m.45 views

Debian DSA-4288-1 : ghostscript - security update

Tavis Ormandy discovered multiple vulnerabilites in Ghostscript, an interpreter for the PostScript language, which could result in denial of service, the creation of files or the execution of arbitrary code if a malformed Postscript file is processed despite the dSAFER sandbox being enabled. C...

7.8CVSS6.7AI score0.03037EPSS
Exploits0References14
NVD
NVD
added 2018/09/06 2:29 p.m.27 views

CVE-2018-16585

An issue was discovered in Artifex Ghostscript before 9.24. The .setdistillerkeys PostScript command is accepted even though it is not intended for use during document processing e.g., after the startup phase. This leads to memory corruption, allowing remote attackers able to supply crafted...

7.8CVSS8.1AI score0.01721EPSS
Exploits0References8
CVE
CVE
added 2018/09/06 1:0 p.m.122 views

CVE-2018-16585

Artifex Ghostscript prior to 9.24 is affected by CVE-2018-16585 where the .setdistillerkeys PostScript command is accepted despite not being intended for document processing. This leads to memory corruption, enabling remote attackers able to supply crafted PostScript to crash the interpreter or p...

7.8CVSS7.3AI score0.01721EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder