36 matches found
CVE-2018-17961
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183. Mitigation Please refer to the "Mitigation" section of CVE-2018-16509 :...
CVE-2018-17961
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183...
CVE-2018-17961
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183...
DEBIAN-CVE-2018-17961
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183...
CVE-2018-17961
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183...
CVE-2018-17961
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183...
CVE-2018-17961
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183...
CVE-2018-17961
CVE-2018-17961 affects Artifex Ghostscript 9.25 and earlier. It enables sandbox bypass via vectors involving errorhandler setup, saved execution stacks, or the 1Policy operator, potentially allowing code execution or sandbox escape when processing crafted PostScript. The issue is related to an in...
UBUNTU-CVE-2018-17961
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183...
CVE-2018-17961
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183...
ghostscript - executeonly Bypass with errorhandler Setup Exploit
Exploit for linux platform in category local exploits While documenting bug 1675, I noticed another problem with errordict in ghostscript. Full working exploit that works in the last few versions is attached, viewing it in evince, imagemagick, gimp, okular, etc should add a line to /.bashrc...
ghostscript - executeonly Bypass with errorhandler Setup
ghostscript - executeonly Bypass with errorhandler Setup While documenting bug 1675, I noticed another problem with errordict in ghostscript. Full working exploit that works in the last few versions is attached, viewing it in evince, imagemagick, gimp, okular, etc should add a line to /.bashrc...
CVE-2018-16977
Monstra CMS V3.0.4 has an information leakage risk e.g., PATH, DOCUMENTROOT, and SERVERADMIN in libraries/Gelato/ErrorHandler/Resources/Views/Errors/exception.php...
Design/Logic Flaw
Monstra CMS V3.0.4 has an information leakage risk e.g., PATH, DOCUMENTROOT, and SERVERADMIN in libraries/Gelato/ErrorHandler/Resources/Views/Errors/exception.php...
CVE-2018-16977
Monstra CMS V3.0.4 has an information leakage risk e.g., PATH, DOCUMENTROOT, and SERVERADMIN in libraries/Gelato/ErrorHandler/Resources/Views/Errors/exception.php...
CVE-2018-6010
In Yii Framework 2.x before 2.0.14, remote attackers could obtain potentially sensitive information from exception messages, or exploit reflected XSS on the error handler page in non-debug mode. Related to base/ErrorHandler.php, log/Dispatcher.php, and views/errorHandler/exception.php...