ghostscript security update

9.07-29.el75.2 - Fix MediaPosition, ManualFeed and MediaType with pxl devices bug 1629842 9.07-29.el75.1 - Added security fixes for: - CVE-2018-16509 bug 1621156 - CVE-2018-15910 bug 1621157 - CVE-2018-16542 bug 1621380 9.07-29 - Fix rare Segmentation fault when converting PDF to PNG bug 1473337 ...

UBUNTU-CVE-2018-18073

Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object...

UBUNTU-CVE-2018-17961

Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183...

CVE-2018-17961

Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183...

gsview -dSAFER Not Used Vulnerability

Exploit for windows platform in category dos / poc gsview: -dSAFER not used I was planning to test the exploit for bug 1640 against gsview, the official ghostscript viewer, but it turns out systemdict /SAFER get returns false. That means opening a file in gsview is equivalent to running arbitrary...

Amazon Linux 2 : ghostscript (ALAS-2018-1088)

It was discovered that the ghostscript .shfill operator did not properly validate certain types. An attacker could possibly exploit this to bypass the -dSAFER protection and crash ghostscript or, possibly, execute arbitrary code in the ghostscript context via a specially crafted PostScript...

GhostScript Sandbox Bypass Vulnerability

GhostScript is an interpreter for PostScript and Portable Document Format PDF files. A sandbox bypass vulnerability exists in GhostScript. An attacker can cause command execution by constructing malicious image content...

ghostscript - executeonly Bypass with errorhandler Setup Exploit

Exploit for linux platform in category local exploits While documenting bug 1675, I noticed another problem with errordict in ghostscript. Full working exploit that works in the last few versions is attached, viewing it in evince, imagemagick, gimp, okular, etc should add a line to /.bashrc...

USN-3785-1: ImageMagick vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Canonical Ubuntu 18.04 Description Due to a large number of issues discovered in GhostScript that prevent it from being used by ImageMagick safely, this update includes a default policy change that disables support f...

openSUSE Security Update : ghostscript (openSUSE-2018-1122)

This update for ghostscript to version 9.25 fixes the following issues : These security issues were fixed : - CVE-2018-17183: Remote attackers were be able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code bsc1109105 - CVE-2018-15909: Prevent type...

GLSA-201810-04 : ImageMagick: Security hardening

The remote host is affected by the vulnerability described in GLSA-201810-04 ImageMagick: Security hardening If you process an image with ImageMagick and dont validate the file before e.g. check magic byte, ImageMagick will call any coders found in the given file. So if ImageMagick will find...

openSUSE Security Update : ghostscript (openSUSE-2018-1123)

This update for ghostscript to version 9.25 fixes the following issues : These security issues were fixed : - CVE-2018-17183: Remote attackers were be able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code bsc1109105 - CVE-2018-15909: Prevent type...

ghostscript - executeonly Bypass with errorhandler Setup

ghostscript - executeonly Bypass with errorhandler Setup While documenting bug 1675, I noticed another problem with errordict in ghostscript. Full working exploit that works in the last few versions is attached, viewing it in evince, imagemagick, gimp, okular, etc should add a line to /.bashrc...

Important: ghostscript

Issue Overview: It was discovered that the ghostscript .shfill operator did not properly validate certain types. An attacker could possibly exploit this to bypass the -dSAFER protection and crash ghostscript or, possibly, execute arbitrary code in the ghostscript context via a specially crafted...

ImageMagick: Security hardening

Background ImageMagick is a collection of tools and libraries for many image formats. Description If you process an image with ImageMagick and don’t validate the file before e.g. check magic byte, ImageMagick will call any coders found in the given file. So if ImageMagick will find Ghostscript fo...

openSUSE: Security Advisory for ghostscript (openSUSE-SU-2018:3036-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for ghostscript (important)

This update for ghostscript to version 9.25 fixes the following issues: These security issues were fixed: - CVE-2018-17183: Remote attackers were be able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code bsc1109105 - CVE-2018-15909: Prevent type...

Security update for ghostscript (important)

This update for ghostscript to version 9.25 fixes the following issues: These security issues were fixed: - CVE-2018-17183: Remote attackers were be able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code bsc1109105 - CVE-2018-15909: Prevent type...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : ImageMagick vulnerabilities (USN-3785-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3785-1 advisory. Due to a large number of issues discovered in GhostScript that prevent it from being used by ImageMagick safely, this update...

Ubuntu: Security Advisory (USN-3785-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...