ghostscript: Saved execution stacks can leak operator arrays

Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object...

CVE-2018-18073

Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object. Mitigation Please refer to the "Mitigation" section of CVE-2018-16509 :...

ALPINE-CVE-2018-18073

Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object...

DEBIAN-CVE-2018-18073

Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object...

CVE-2018-18073

Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object...

CVE-2018-18073

CVE-2018-18073 describes a sandbox-bypass vulnerability in Artifex Ghostscript. The issue arises in Ghostscript 9.25 and earlier where the saved execution stack can leak operator arrays or expose system operators in an error object, allowing a crafted PostScript to bypass -dSAFER/sandbox protecti...

CVE-2018-18073

Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object...

UBUNTU-CVE-2018-18073

Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object...

(0Day) Microsoft Windows JScript Error Object Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...

Cross Site URL Hijacking by using Error Object in Mozilla Firefox

I want to represent a method for performing Cross Site URL Hijacking which we can call XSUH by using the error object of Mozilla Firefox. XSUH attack is used to steal another website URL. This URL can show the client’s situation on that website, and it can contain confidential parameters such as...