CVE-2019-3835

It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER...

UBUNTU-CVE-2019-3835

It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER...

UBUNTU-CVE-2019-3838

It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER...

CVE-2019-3838

It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER...

Fedora 28 : ghostscript (2019-7b9bb0e426)

Security fix for CVE-2019-6116 - Fix for bug 1687144 added Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

ghostscript security and bug fix update

9.07-31.el76.10 - Resolves: 1673915 - ghostscript: Regression: double comment chars '%' in gsinit.ps leading to missing metadata - Resolves: 1678171 - CVE-2019-3835 ghostscript: superexec operator is available 700585 - Resolves: 1680025 - CVE-2019-3838 ghostscript: forceput in DefineResource is...

Fedora Update for ghostscript FEDORA-2019-7b9bb0e426

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora 29 : ghostscript (2019-15d57af79a)

Security fix for CVE-2019-6116 - Fix for bug 1687144 added Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

Ghostscript -- Security bypass vulnerability

Cedric Buissart Red Hat reports: It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by...

[SECURITY] Fedora 28 Update: ghostscript-9.26-3.fc28

This package provides useful conversion utilities based on Ghostscript soft ware, for converting PS, PDF and other document formats between each other. Ghostscript is a suite of software providing an interpreter for Adobe Syste ms' PostScript PS and Portable Document Format PDF page description...

CVE-2019-6116

In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution...

CVE-2019-6116

In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution...

CVE-2019-6116

In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution...

CVE-2019-6116

Artifex Ghostscript up to version 9.26 contains CVE-2019-6116, where ephemeral/transient procedures could allow access to system operators and enable remote code execution. The Amazon Linux 2 advisory confirms the sandbox escape family linked to this issue and notes the fix/update path, with upst...

The vulnerability of the software for processing, transforming, and generating Ghostscript documents is related to improper type conversion, allowing attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the software for processing, transforming, and generating Ghostscript documents is related to type conversion errors. Exploiting this vulnerability can allow an attacker, operating remotely, to compromise the confidentiality, integrity, and accessibility of the protected...

The vulnerability of the software for processing, transforming, and generating documents using Ghostscript, related to type conversion errors, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the software for processing, transforming, and generating Ghostscript documents is related to type conversion errors. Exploiting this vulnerability can allow an attacker, operating remotely, to compromise the confidentiality, integrity, and accessibility of the protected...

The vulnerability of the Ghostscript software for document processing, conversion, and generation arises from operations that go beyond buffer boundaries in memory, allowing attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the software for processing, transforming, and generating Ghostscript documents arises from the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibilit...

EulerOS Virtualization 2.5.2 : ghostscript (EulerOS-SA-2019-1088)

According to the version of the ghostscript package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Integer overflow in the gsheapallocbytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to...

EulerOS 2.0 SP5 : ghostscript (EulerOS-SA-2019-1065)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ghostscript: access bypass in psi/zdevice2.c 700153 CVE-2018-19475 - ghostscript: access bypass in psi/zicc.c 700169 CVE-2018-19476 -...

EulerOS Virtualization 2.5.2 : ghostscript (EulerOS-SA-2019-1087)

According to the versions of the ghostscript package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The settextdistance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does...