openSUSE Security Update : ghostscript (openSUSE-2019-2160)

This update for ghostscript fixes the following issues : Security issue fixed : - CVE-2019-10216: Fix privilege escalation via specially crafted PostScript file bsc1144621. This update was imported from the SUSE:SLE-15:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Th...

Security update for ghostscript (moderate)

openSUSE Security Update: Security update for ghostscript Announcement ID: openSUSE-SU-2019:2160-1 Rating: moderate References: 1144621 Cross-References: CVE-2019-10216 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for...

EulerOS 2.0 SP3 : ghostscript (EulerOS-SA-2019-2031)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Artifex Ghostscript before 9.26, a carefully crafted PDF file can trigger an extremely long running computation when parsing the...

CentOS 7 : ghostscript (CESA-2019:2586)

An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

ghostscript, libgs security update

CentOS Errata and Security Advisory CESA-2019:2586 An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

PT-2019-13261 · Foxit · Foxit Studio Photo

Name of the Vulnerable Software and Affected Versions: Foxit Studio Photo version 3.6.6.909 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The...

Security update for ghostscript (moderate)

openSUSE Security Update: Security update for ghostscript Announcement ID: openSUSE-SU-2019:2139-1 Rating: moderate References: 1144621 Cross-References: CVE-2019-10216 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...

openSUSE Security Update : ghostscript (openSUSE-2019-2139)

This update for ghostscript fixes the following issues : Security issue fixed : - CVE-2019-10216: Fix privilege escalation via specially crafted PostScript file bsc1144621. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text a...

SUSE SLED12 / SLES12 Security Update : ghostscript (SUSE-SU-2019:2347-1)

This update for ghostscript fixes the following issues : Security issue fixed : CVE-2019-10216: Fix privilege escalation via specially crafted PostScript file bsc1144621. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory...

SUSE SLED15 / SLES15 Security Update : ghostscript (SUSE-SU-2019:2348-1)

This update for ghostscript fixes the following issues : Security issue fixed : CVE-2019-10216: Fix privilege escalation via specially crafted PostScript file bsc1144621. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory...

Debian: Security Advisory (DLA-1915-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-4518-1 : ghostscript - security update

It was discovered that various procedures in Ghostscript, the GPL PostScript/PDF interpreter, do not properly restrict privileged calls, which could result in bypass of file system restrictions of the dSAFER sandbox. C Tenable Network Security, Inc. The descriptive text and package checks in this...

CVE-2019-14813

A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the fil...

ALPINE-CVE-2019-14813

A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the fil...

CVE-2019-14813

A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the fil...

Command injection

A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the fil...

CVE-2019-14813

A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the fil...

CVE-2019-14813

A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the fil...

CVE-2019-14813

Ghostscript (before 9.50) contains a sandbox escape in the setsystemparams path that can bypass -dSAFER controls, potentially allowing access to the file system or execution of arbitrary commands via crafted PostScript. The issue is reported as CVE-2019-14813 and is addressed in upstream fixes (g...

CVE-2019-14813

A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the fil...