5485 matches found
[SECURITY] [DLA 1620-1] ghostscript security update
Package : ghostscript Version : 9.06dfsg-2+deb8u13 CVE ID : CVE-2018-19134 CVE-2018-19478 Some vulnerabilities were discovered in ghostscript, an interpreter for the PostScript language and for PDF. CVE-2018-19134 The setpattern operator did not properly validate certain types. A specially crafte...
Scientific Linux Security Update : ghostscript on SL7.x x86_64 (20181217)
Security Fixes : - ghostscript: Incorrect free logic in pagedevice replacement 699664 CVE-2018-16541 - ghostscript: Incorrect 'restoration of privilege' checking when running out of stack during exception handling CVE-2018-16802 - ghostscript: User-writable error exception table CVE-2018-17183 -...
DLA-1620-1 ghostscript - security update
Bulletin has no description...
Debian: Security Advisory (DLA-1620-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 4346-2] ghostscript regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-4346-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 23, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4346-2] ghostscript regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-4346-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 23, 2018 https://www.debian.org/security/faq -...
DSA-4346-2 ghostscript - regression update
Bulletin has no description...
Amazon Linux AMI : ghostscript (ALAS-2018-1137)
It was discovered that the ghostscript /invalidaccess checks fail under certain conditions. An attacker could possibly exploit this to bypass the -dSAFER protection and, for example, execute arbitrary shell commands via a specially crafted PostScript document.CVE-2018-16509 C Tenable Network...
CVE-2018-19134
In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue...
UBUNTU-CVE-2018-19134
In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue...
CVE-2018-19134
In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue...
DEBIAN-CVE-2018-19134
In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue...
Type confusion
In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue...
CVE-2018-19134
In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue...
CVE-2018-19134
In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue...
CVE-2018-19134
CVE-2018-19134 affects Artifex Ghostscript (through 9.25). The setpattern operator mishandles certain types, causing a type-confusion in the pattern dictionary implementation. This could crash Ghostscript or potentially allow arbitrary code execution within the Ghostscript process when processing...
CVE-2018-19134
In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue...
The vulnerability of the Sandbox Protection Mechanism component of the software for processing, transforming, and generating Ghostscript documents allows a perpetrator to bypass the sandbox protection mechanism and execute arbitrary code.
The vulnerability of the Sandbox Protection Mechanism, a component of the software for processing, transforming, and generating Ghostscript documents, is related to insufficient access control. Exploiting this vulnerability could allow an intruder, operating locally, to bypass the sandbox...
Important: ghostscript
Issue Overview: It was discovered that the ghostscript /invalidaccess checks fail under certain conditions. An attacker could possibly exploit this to bypass the -dSAFER protection and, for example, execute arbitrary shell commands via a specially crafted PostScript document.CVE-2018-16509 Affect...
The vulnerability of the software for processing, transforming, and generating documents using Ghostscript is related to implementation errors in security checks for standard elements. This allows a perpetrator to circumvent security restrictions.
The vulnerability of the software for processing, transforming, and generating Ghostscript documents is related to errors in the implementation of security checks for standard elements. Exploiting this vulnerability can allow an attacker to circumvent security restrictions...