Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Ghostscript vulnerabilities (USN-3915-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3915-1 advisory. It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into...

SUSE SLED12 / SLES12 Security Update : ghostscript (SUSE-SU-2019:0719-1)

This update for ghostscript fixes the following issue : Security issue fixed : CVE-2019-3838: Fixed a vulnerability which made forceput operator in DefineResource to be still accessible which could allow access to file system outside of the constraints of -dSAFER bsc1129186. Note that Tenable...

Oracle Linux 7 : ghostscript (ELSA-2019-0633)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-0633 advisory. - Resolves: 1678171 - CVE-2019-3835 ghostscript: superexec operator is available 700585 Tenable has extracted the preceding description block directly...

SUSE SLED15 / SLES15 Security Update : ghostscript (SUSE-SU-2019:0718-1)

This update for ghostscript fixes the following issue : Security issue fixed : CVE-2019-3838: Fixed a vulnerability which made forceput operator in DefineResource to be still accessible which could allow access to file system outside of the constraints of -dSAFER bsc1129186. Note that Tenable...

Scientific Linux Security Update : ghostscript on SL7.x x86_64 (20190321)

Security Fixes : - ghostscript: superexec operator is available 700585 CVE-2019-3835 - ghostscript: forceput in DefineResource is still accessible 700576 CVE-2019-3838 Bug Fixes : - ghostscript: Regression: double comment chars '%%' in gsinit.ps leading to missing metadata C Tenable Network...

RHEL 7 : ghostscript (RHSA-2019:0633)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:0633 advisory. The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap...

OPENSUSE-SU-2019:0104-1 Security update for ghostscript

This update for ghostscript version 9.26a fixes the following issues: Security issue fixed: - CVE-2019-6116: subroutines within pseudo-operators must themselves be pseudo-operators bsc1122319 This update was imported from the SUSE:SLE-15:Update update project...

SUSE-SU-2019:0719-1 Security update for ghostscript

This update for ghostscript fixes the following issue: Security issue fixed: - CVE-2019-3838: Fixed a vulnerability which made forceput operator in DefineResource to be still accessible which could allow access to file system outside of the constraints of -dSAFER bsc1129186...

SUSE-SU-2019:0718-1 Security update for ghostscript

This update for ghostscript fixes the following issue: Security issue fixed: - CVE-2019-3838: Fixed a vulnerability which made forceput operator in DefineResource to be still accessible which could allow access to file system outside of the constraints of -dSAFER bsc1129186...

Important: Red Hat Security Advisory: ghostscript security and bug fix update

An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

ghostscript: forceput in DefineResource is still accessible (700576)

It was found that the forceput operator could be extracted from the DefineResource method. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER...

ghostscript: superexec operator is available (700585)

It was found that the superexec operator was available in the internal dictionary. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER...

CVE-2019-6116

In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution...

DEBIAN-CVE-2019-6116

In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution...

ALPINE-CVE-2019-6116

In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution...

CVE-2019-6116

In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution...

Remote code execution

In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution...

USN-3915-1: Ghostscript vulnerabilities

It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service...

USN-3915-1 ghostscript vulnerabilities

It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service...

[SECURITY] Fedora 29 Update: ghostscript-9.26-3.fc29

This package provides useful conversion utilities based on Ghostscript soft ware, for converting PS, PDF and other document formats between each other. Ghostscript is a suite of software providing an interpreter for Adobe Syste ms' PostScript PS and Portable Document Format PDF page description...