7 matches found
Mageia: Security Advisory (MGASA-2018-0408)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : ghostscript (EulerOS-SA-2019-1022)
According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ghostscript: Incorrect 'restoration of privilege' checking when running out of stack during exception handling CVE-2018-16802 - ghostscript...
EulerOS 2.0 SP5 : ghostscript (EulerOS-SA-2019-1004)
According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ghostscript: Incorrect free logic in pagedevice replacement 699664 CVE-2018-16541 - ghostscript: Incorrect 'restoration of privilege'...
ghostscript: Saved execution stacks can leak operator arrays (incomplete fix for CVE-2018-17183)
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183...
ghostscript: Saved execution stacks can leak operator arrays
Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object...
Updated ghostscript packages fix security vulnerabilities
Updated ghostscript packages fix many bugs and security vulnerabilities: Bypassing executeonly to escape -dSAFER sandbox. CVE-2018-17961 Saved execution stacks can leak operator arrays. CVE-2018-18073 1Policy operator gives access to .forceput. CVE-2018-18284...
MGASA-2018-0408 Updated ghostscript packages fix security vulnerabilities
Updated ghostscript packages fix many bugs and security vulnerabilities: Bypassing executeonly to escape -dSAFER sandbox. CVE-2018-17961 Saved execution stacks can leak operator arrays. CVE-2018-18073 1Policy operator gives access to .forceput. CVE-2018-18284...