14 matches found
EUVD-2019-5942
Malware in sbrugna...
SUSE CVE-2019-14813
A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the fil...
NewStart CGSL CORE 5.04 / MAIN 5.04 : ghostscript Multiple Vulnerabilities (NS-SA-2019-0203)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has ghostscript packages installed that are affected by multiple vulnerabilities: - psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to...
CVE-2019-14813
A flaw was found in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands...
The vulnerability of the setsystemparams procedure of the Ghostscript file conversion program allows a attacker to execute arbitrary commands or gain access to the file system.
The vulnerability of the setsystemparams procedure in the Ghostscript program for converting PostScript format files is related to deficiencies in access control. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary commands or gain access to the file system ...
DEBIAN-CVE-2019-14813
A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the fil...
CVE-2019-14813
A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the fil...
ALPINE-CVE-2019-14813
A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the fil...
CVE-2019-14813
A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the fil...
Safer Restriction Bypass
Ghostscript is vulnerable to safer restriction bypass. The attack is possible due to a flaw of exposing .forceput in setsystemparams when hooking errors...
ghostscript: Safer mode bypass by .forceput exposure in setsystemparams (701443)
A flaw was found in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands...
ghostscript: Safer mode bypass by .forceput exposure in setsystemparams (701443)
A flaw was found in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands...
UBUNTU-CVE-2019-14813
A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the fil...
CVE-2019-14813
A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the fil...