Page 73 of 929 results (0.013 seconds)

CVSS: 7.3EPSS: 0%CPEs: 12EXPL: 0

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter. En Artifex Ghostscript en versiones anteriores a la 9.24, los atacantes que puedan proporcionar archivos PostScript manipulados podrían emplear una lógica libre incorrecta en el reemplazo pagedevice para provocar el cierre inesperado del intérprete. It was discovered that the ghostscript device cleanup did not properly handle devices replaced with a null device. An attacker could possibly exploit this to bypass the -dSAFER protection and crash ghostscript or, possibly, execute arbitrary code in the ghostscript context via a specially crafted PostScript document. • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=241d91112771a6104de10b3948c3f350d6690c1d https://access.redhat.com/errata/RHSA-2018:3834 https://bugs.ghostscript.com/show_bug.cgi?id=699664 https://lists.debian.org/debian-lts-announce/2018/09/msg00015.html https://security.gentoo.org/glsa/201811-12 https://usn.ubuntu.com/3768-1 https://www.artifex.com/news/ghostscript-security-resolved https://www.debian.org/security/2018/dsa-4288 https://access.redhat.com/security/cve/CVE- • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact. En Artifex Ghostscript en versiones anteriores a la 9.24, los atacantes que puedan proporcionar archivos PostScript manipulados al convertidor PDF14 integrado podrían emplear un uso de memoria previamente liberada en el manejo de copydevice para provocar el cierre inesperado del intérprete u otro tipo de impacto sin especificar. It was discovered that the ghostscript PDF14 compositor did not properly handle the copying of a device. An attacker could possibly exploit this to bypass the -dSAFER protection and crash ghostscript or, possibly, execute arbitrary code in the ghostscript context via a specially crafted PostScript document. • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=c432131c3fdb2143e148e8ba88555f7f7a63b25e https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2019:0229 https://bugs.ghostscript.com/show_bug.cgi?id=699661 https://lists.debian.org/debian-lts-announce/2018/09/msg00015.html https://security.gentoo.org/glsa/201811-12 https://usn.ubuntu.com/3768-1 https://www.artifex.com/news/ghostscript-security-resolved https://www.debian.org/security/2018/dsa-4 • CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable. En Artifex Ghostscript en versiones anteriores a la 9.24, los atacantes que puedan proporcionar archivos PostScript manipulados podrían emplear la comprobación de acceso incorrecta en el manejo de archivos temporales para revelar el contenido de los archivos del sistema que, normalmente, no estarían disponibles. It was discovered that the ghostscript did not properly restrict access to files open prior to enabling the -dSAFER mode. An attacker could possibly exploit this to bypass the -dSAFER protection and disclose the content of affected files via a specially crafted PostScript document. • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=a054156d425b4dbdaaa9fda4b5f1182b27598c2b https://access.redhat.com/errata/RHSA-2018:3650 https://bugs.ghostscript.com/show_bug.cgi?id=699658 https://lists.debian.org/debian-lts-announce/2018/09/msg00015.html https://security.gentoo.org/glsa/201811-12 https://usn.ubuntu.com/3768-1 https://www.artifex.com/news/ghostscript-security-resolved https://www.debian.org/security/2018/dsa-4288 https://access.redhat.com/security/cve/CVE- • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-377: Insecure Temporary File •

CVSS: 7.8EPSS: 1%CPEs: 12EXPL: 0

An issue was discovered in Artifex Ghostscript before 9.24. A type confusion in "ztype" could be used by remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact. Se ha descubierto un problema en versiones anteriores a la 9.24 de Artifex Ghostscript. Una confusión de tipos en "ztype" podría ser empleada por atacantes remotos que puedan proporcionar PostScript manipulado para provocar el cierre inesperado del intérprete o, posiblemente, otro tipo de impacto sin especificar. It was discovered that the ghostscript .type operator did not properly validate its operands. • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=0edd3d6c634a577db261615a9dc2719bca7f6e01 http://seclists.org/oss-sec/2018/q3/182 https://access.redhat.com/errata/RHSA-2018:3650 https://bugs.ghostscript.com/show_bug.cgi?id=699659 https://lists.debian.org/debian-lts-announce/2018/09/msg00015.html https://security.gentoo.org/glsa/201811-12 https://usn.ubuntu.com/3768-1 https://www.artifex.com/news/ghostscript-security-resolved https://www.debian.org/security/2018/dsa-4288 • CWE-704: Incorrect Type Conversion or Cast •

CVSS: 9.3EPSS: 97%CPEs: 14EXPL: 5

An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. Se ha descubierto un problema en versiones anteriores a la 9.24 de Artifex Ghostscript. La comprobación incorrecta de "restoration of privilege" durante el manejo de excepciones /invalidaccess podría ser empleada por atacantes que sean capaces de proporcionar PostScript manipulado para ejecutar código mediante la instrucción "pipe". It was discovered that the ghostscript /invalidaccess checks fail under certain conditions. • https://www.exploit-db.com/exploits/45369 https://github.com/farisv/PIL-RCE-Ghostscript-CVE-2018-16509 https://github.com/knqyf263/CVE-2018-16509 https://github.com/rhpco/CVE-2018-16509 http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=5516c614dc33662a2afdc377159f70218e67bde5 http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=78911a01b67d590b4a91afac2e8417360b934156 http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=79cccf641486a6595c43f1de1cd7ade696020a31 http://git.ghostscript.com/?p=gho •