VulnCheck KEV: CVE-2018-16509

An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction...

Oracle Linux 8 : zsh (ELSA-2020-0903)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-0903 advisory. - improve printing of error messages introduced by the fix of CVE-2019-20044 Tenable has extracted the preceding description block directly from the Oracle Linu...

K02495251: Ghostscript vulnerability CVE-2018-16509 (VU#332928)

Security Advisory Description An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction...

NewStart CGSL CORE 5.05 / MAIN 5.05 : zsh Vulnerability (NS-SA-2020-0108)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has zsh packages installed that are affected by a vulnerability: - In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. Zsh fails to overwrite the saved uid, so the...

The vulnerability of the Ghostscript software for document processing, conversion, and generation is related to improper checking of “privilege restoration” during the processing of /invalidaccess exception types. This allows a perpetrator to execute arbitrary code.

The vulnerability of the software for processing, transforming, and generating Ghostscript documents is related to improper checking of “privilege restoration” during the processing of /invalidaccess exceptions. Exploiting this vulnerability allows a malicious actor to download specially created...

ghostscript: Incorrect "restoration of privilege" checking when running out of stack during exception handling

An issue was discovered in Artifex Ghostscript before 9.25. Incorrect "restoration of privilege" checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. This is due to an incomplete fix...

Security update for ghostscript (important)

This update for ghostscript to version 9.25 fixes the following issues: These security issues were fixed: - CVE-2018-17183: Remote attackers were be able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code bsc1109105 - CVE-2018-15909: Prevent type...

ALPINE-CVE-2018-16802

An issue was discovered in Artifex Ghostscript before 9.25. Incorrect "restoration of privilege" checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. This is due to an incomplete fix...

DEBIAN-CVE-2018-16802

An issue was discovered in Artifex Ghostscript before 9.25. Incorrect "restoration of privilege" checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. This is due to an incomplete fix...

UBUNTU-CVE-2018-16802

An issue was discovered in Artifex Ghostscript before 9.25. Incorrect "restoration of privilege" checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. This is due to an incomplete fix...

Design/Logic Flaw

An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction...

DEBIAN-CVE-2018-16509

An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction...

Artifex Ghostscript Code Execution Vulnerability

Artifex Ghostscript is an open source Postscript a page description language and programming language used in the electronics industry and desktop publishing parser from Artifex Software that displays Postscript files and prints them on non-Postscript printers. Postscript file. A security...