5485 matches found
CVE-2018-16863
It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document. This only affects ghostscript 9.07 as...
CVE-2018-16863
It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document. This only affects ghostscript 9.07 as...
CVE-2018-16863
It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document. This only affects ghostscript 9.07 as...
CVE-2018-16863
It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document. This only affects ghostscript 9.07 as...
CVE-2018-16863
It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document. This only affects ghostscript 9.07 as...
CVE-2018-16863
Ghostscript on Red Hat/CentOS environments (Ghostscript 9.07 in RHEL7) contains an incomplete fix for CVE-2018-16509, allowing bypass of the -dSAFER protection via crafted PostScript and potential execution of arbitrary shell commands. CVE-2018-16863 ties to this by noting the residual flaw and i...
ghostscript security update
8.70-24.el610.2 - It was found that the fix for CVE-2018-16509 was not complete, the missing pieces added into ghostscript-CVE-2018-16509.patch 8.70-24.el610.1 - Resolves: 1641124 - CVE-2018-16509 ghostscript: /invalidaccess bypass after failed restore 8.70-24 - Added security fix for CVE-2017-82...
ghostscript security and bug fix update
9.07-31.el76.3 - Resolves: 1654290 ghostscript update breaks xdvi gs: Error: /undefined in flushpage 9.07-31.el76.2 - Resolves: 1652901 - CVE-2018-16863 ghostscript: incomplete fix for CVE-2018-16509...
Ubuntu Ghostscript Failed Fix
Ubuntu: incomplete fix for CVE-2018-16510 This Ubuntu advisory claims to fix CVE-2018-16510: https://usn.ubuntu.com/3768-1/ That does not appear to be true. The root cause of CVE-2018-16510 was that a bunch of procedures were in userdict that should have been executeonly, but were not. In...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Ghostscript vulnerabilities (USN-3831-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3831-1 advisory. It was discovered that Ghostscript contained multiple security issues. If a user or automated system were tricked into processing...
USN-3831-1: Ghostscript vulnerabilities
It was discovered that Ghostscript contained multiple security issues. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use these issues to access arbitrary files, execute arbitrary code, or cause a denial of service...
USN-3831-1 ghostscript vulnerabilities
It was discovered that Ghostscript contained multiple security issues. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use these issues to access arbitrary files, execute arbitrary code, or cause a denial of service...
Debian DSA-4346-1 : ghostscript - security update
Several vulnerabilities were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may result in denial of service or the execution of arbitrary code if a malformed Postscript file is processed despite the -dSAFER sandbox being enabled. This update rebases ghostscript for stretch t...
Debian DLA-1598-1 : ghostscript security update
Several security vulnerabilities were discovered in Ghostscript, an interpreter for the PostScript language, which could result in denial of service, the creation of files or the execution of arbitrary code if a malformed Postscript file is processed despite the dSAFER sandbox being enabled. For...
CVE-2018-19476
psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion. Mitigation Please refer to the "Mitigation" section of CVE-2018-16509 :...
[SECURITY] [DLA 1598-1] ghostscript security update
Package : ghostscript Version : 9.06dfsg-2+deb8u12 CVE ID : CVE-2018-19409 CVE-2018-19475 CVE-2018-19476 CVE-2018-19477 Several security vulnerabilities were discovered in Ghostscript, an interpreter for the PostScript language, which could result in denial of service, the creation of files or th...
Artifex Ghostscript < 9.26 PostScript Multiple Vulnerabilities
The version of Artifex Ghostscript installed on the remote Windows host is prior to 9.26. It is, therefore, affected by multiple vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid119240; scriptversion"1.7";...
Scientific Linux Security Update : ghostscript on SL7.x x86_64 (20181127)
Security Fixes : - ghostscript: .tempfile file permission issues 699657 CVE-2018-15908 - ghostscript: shadingparam incomplete type checking 699660 CVE-2018-15909 - ghostscript: missing type check in type checker 699659 CVE-2018-16511 - ghostscript: incorrect access checking in temp file handling ...
DLA-1598-1 ghostscript - security update
Bulletin has no description...
[SECURITY] [DSA 4346-1] ghostscript security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4346-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 27, 2018 https://www.debian.org/security/faq -...