5485 matches found
Debian DSA-4432-1 : ghostscript - security update
Cedric Buissart discovered two vulnerabilities in Ghostscript, the GPL PostScript/PDF interpreter, which could result in bypass of file system restrictions of the dSAFER sandbox. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...
Debian: Security Advisory (DSA-4432-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 4432-1] ghostscript security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4432-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 16, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4432-1] ghostscript security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4432-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 16, 2019 https://www.debian.org/security/faq -...
DSA-4432-1 ghostscript - security update
Bulletin has no description...
SUSE-SU-2019:0144-2 Security update for ghostscript
This update for ghostscript to version 9.26a fixes the following issues: Security issue fixed: - CVE-2019-6116: subroutines within pseudo-operators must themselves be pseudo-operators bsc1122319...
[ASA-201904-5] ghostscript: sandbox escape
Arch Linux Security Advisory ASA-201904-5 ========================================= Severity: High Date : 2019-04-11 CVE-ID : CVE-2019-3835 CVE-2019-3838 Package : ghostscript Type : sandbox escape Remote : Yes Link : https://security.archlinux.org/AVG-929 Summary ======= The package ghostscript...
EulerOS Virtualization 2.5.3 : ghostscript (EulerOS-SA-2019-1176)
According to the versions of the ghostscript package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The settextdistance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does...
EulerOS Virtualization 2.5.4 : ghostscript (EulerOS-SA-2019-1215)
According to the versions of the ghostscript package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The settextdistance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does...
EulerOS Virtualization 2.5.4 : ghostscript (EulerOS-SA-2019-1209)
According to the versions of the ghostscript package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - It was discovered that ghostscript did not properly verify the key used in aesdecode. An attacker could possibly exploit this...
EulerOS Virtualization 2.5.4 : ghostscript (EulerOS-SA-2019-1202)
According to the versions of the ghostscript package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - It was discovered that the ghostscript did not properly restrict access to files open prior to enabling the -dSAFER mode. An...
EulerOS Virtualization 2.5.3 : ghostscript (EulerOS-SA-2019-1177)
According to the version of the ghostscript package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - An integer overflow flaw was discovered in one of Ghostscript's memory allocation routines. A remote attacker could possibly...
EulerOS Virtualization 2.5.3 : ghostscript (EulerOS-SA-2019-1205)
According to the versions of the ghostscript package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - It was discovered that the ghostscript .tempfile function did not properly handle file permissions. An attacker could possibl...
MGASA-2019-0130 Updated ghostscript packages fix security vulnerability
It was found that the superexec operator was available in the internal dictionary. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. CVE-2019-3835 It was found that the forceput operator...
Updated ghostscript packages fix security vulnerability
It was found that the superexec operator was available in the internal dictionary. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. CVE-2019-3835 It was found that the forceput operator...
[SECURITY] Fedora 28 Update: ghostscript-9.26-4.fc28
This package provides useful conversion utilities based on Ghostscript soft ware, for converting PS, PDF and other document formats between each other. Ghostscript is a suite of software providing an interpreter for Adobe Syste ms' PostScript PS and Portable Document Format PDF page description...
Fedora 28 : ghostscript (2019-9f28451404)
Security fix for CVE-2019-3835 CVE-2019-3838 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C...
Fedora Update for ghostscript FEDORA-2019-9f28451404
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
The vulnerability of the Ghostscript file conversion program lies in its insecure handling of privileges, allowing an attacker to escalate their privileges.
The vulnerability of the Ghostscript file conversion program’s supervisor exploit is related to insecure management of privileges. Exploiting this vulnerability allows a malicious actor to enhance their privileges remotely...
EulerOS Virtualization 2.5.3 : ghostscript (EulerOS-SA-2019-1254)
According to the versions of the ghostscript package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because...