CVSS: 9.3EPSS: 0%CPEs: 7EXPL: 0CVE-2018-16863 – ghostscript: incomplete fix for CVE-2018-16509
https://notcve.org/view.php?id=CVE-2018-16863
03 Dec 2018 — It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document. This only affects ghostscript 9.07 as shipped with Red Hat Enterprise Linux 7. Se ha detectado que RHSA-2018:2918 no ha resuelto por completo CVE-2018-16509. Un atacante podría explotar otra variante del fallo y omitir la protección -dSAFER para, por ej... • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=520bb0ea7519 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-184: Incomplete List of Disallowed Inputs •
CVSS: 7.8EPSS: 72%CPEs: 15EXPL: 1CVE-2018-19475 – ghostscript: access bypass in psi/zdevice2.c (700153)
https://notcve.org/view.php?id=CVE-2018-19475
23 Nov 2018 — psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same. psi/zdevice2.c en Artifex Ghostscript en versiones anteriores a la 9.26 permite a los atacantes remotos omitir las restricciones de acceso planeadas debido a que el espacio de pila disponible no se comprueba cuando el dispositivo no cambia. The Ghostscript suite contains utilities for rendering PostScript and PDF docum... • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=3005fcb9bb160af199e761e03bc70a9f249a987e • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 1CVE-2018-19476 – ghostscript: access bypass in psi/zicc.c (700169)
https://notcve.org/view.php?id=CVE-2018-19476
23 Nov 2018 — psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion. psi/zicc.c en Artifex Ghostscript en versiones anteriores a la 9.26 permite a los atacantes remotos omitir las restricciones de acceso planeadas debido a una confusión del tipo setcolorspace. The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code ca... • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=67d760ab775dae4efe803b5944b0439aa3c0b04a • CWE-704: Incorrect Type Conversion or Cast CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 1CVE-2018-19477 – ghostscript: access bypass in psi/zfjbig2.c (700168)
https://notcve.org/view.php?id=CVE-2018-19477
23 Nov 2018 — psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion. psi/zfjbig2.c en Artifex Ghostscript en versiones anteriores a la 9.26 permite a los atacantes remotos omitir las restricciones de acceso planeadas debido a una confusión del tipo JBIG2Decode. The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code ... • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=ef252e7dc214bcbd9a2539216aab9202848602bb • CWE-704: Incorrect Type Conversion or Cast CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 12%CPEs: 12EXPL: 0CVE-2018-19409 – ghostscript: Improperly implemented security check in zsetdevice function in psi/zdevice.c
https://notcve.org/view.php?id=CVE-2018-19409
21 Nov 2018 — An issue was discovered in Artifex Ghostscript before 9.26. LockSafetyParams is not checked correctly if another device is used. Se ha descubierto un problema en versiones anteriores a la 9.26 de Artifex Ghostscript. LockSafetyParams no se comprueba correctamente si se emplea otro dispositivo. It was discovered that Ghostscript contained multiple security issues. • http://www.securityfocus.com/bid/105990 • CWE-391: Unchecked Error Condition •
CVSS: 8.6EPSS: 0%CPEs: 17EXPL: 1CVE-2018-18284 – ghostscript: 1Policy operator allows a sandbox protection bypass
https://notcve.org/view.php?id=CVE-2018-18284
18 Oct 2018 — Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator. Artifex Ghostscript 9.25 y anteriores permite que los atacantes omitan un mecanismo de protección de sandbox mediante vectores relacionados con el operador 1Policy. Several vulnerabilities were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may result in denial of service, disclosure of existence and size of arbitrary files, or the execution of arbi... • http://git.ghostscript.com/?p=ghostpdl.git%3Bh=8d19fdf63f91f50466b08f23e2d93d37a4c5ea0b •
CVSS: 8.6EPSS: 10%CPEs: 13EXPL: 4CVE-2018-17961 – ghostscript - executeonly Bypass with errorhandler Setup
https://notcve.org/view.php?id=CVE-2018-17961
11 Oct 2018 — Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183. Artifex Ghostscript 9.25 y anteriores permite que los atacantes omitan un mecanismo de protección de sandbox mediante vectores relacionados con la configuración de errorhandler. NOTA: este problema existe debido a una solución incompleta para CVE-2018-17183. Several vulnerabilities were discovered in ... • https://packetstorm.news/files/id/149757 • CWE-209: Generation of Error Message Containing Sensitive Information CWE-460: Improper Cleanup on Thrown Exception •
CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0CVE-2018-18073 – ghostscript: Saved execution stacks can leak operator arrays
https://notcve.org/view.php?id=CVE-2018-18073
11 Oct 2018 — Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object. Artifex Ghostscript permite que los atacantes omitan un mecanismo de protección de sandbox aprovechando la exposición de los operadores del sistema en la pila de ejecución guardada en un objeto error. Several vulnerabilities were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may result in denial of service, disclosure... • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=34cc326eb2c5695833361887fe0b32e8d987741c • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-460: Improper Cleanup on Thrown Exception •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2018-17183 – ghostscript: User-writable error exception table
https://notcve.org/view.php?id=CVE-2018-17183
19 Sep 2018 — Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code. Artifex Ghostscript en versiones anteriores a la 9.25 permitía una tabla de excepción de error que puede escribir el usuario. Esta tabla podía ser usada por los atacantes remotos capaces de proporcionar PostScript manipulados para poder sobrescribir o reemplazar manipuladores de errores para... • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=fb713b3818b52d8a6cf62c951eba2e1795ff9624 • CWE-460: Improper Cleanup on Thrown Exception •
CVSS: 7.8EPSS: 1%CPEs: 12EXPL: 0CVE-2018-16802 – ghostscript: Incorrect "restoration of privilege" checking when running out of stack during exception handling
https://notcve.org/view.php?id=CVE-2018-16802
10 Sep 2018 — An issue was discovered in Artifex Ghostscript before 9.25. Incorrect "restoration of privilege" checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. This is due to an incomplete fix for CVE-2018-16509. Se ha descubierto un problema en versiones anteriores a la 9.25 de Artifex Ghostscript. La comprobación incorrecta de "restoration of privilege" al quedarse sin pila durante el manejo de excepci... • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=3e5d316b72e3965b7968bb1d96baa137cd063ac6 • CWE-20: Improper Input Validation •