CVE-2018-16510
Ubuntu Ghostscript Failed Fix
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An issue was discovered in Artifex Ghostscript before 9.24. Incorrect exec stack handling in the "CS" and "SC" PDF primitives could be used by remote attackers able to supply crafted PDFs to crash the interpreter or possibly have unspecified other impact.
Se ha descubierto un problema en versiones anteriores a la 9.24 de Artifex Ghostscript. El manejo incorrecto de la pila de ejecución en las primitivas PDF "CS" y "SC" podría ser empleado por atacantes remotos que puedan proporcionar PDF manipulados para provocar el cierre inesperado del intérprete o, posiblemente, otro tipo de impacto sin especificar.
The fix Ubuntu applied to address the Ghostscript vulnerability identified in CVE-2018-16510 appears to be insufficient.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-09-04 CVE Reserved
- 2018-09-05 CVE Published
- 2023-08-30 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (5)
URL | Tag | Source |
---|---|---|
http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=ea735ba37dc0fd5f5622d031830b9a559dec1cc9 | X_refsource_misc |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://openwall.com/lists/oss-security/2018/08/27/4 | 2023-11-07 |
URL | Date | SRC |
---|---|---|
https://security.gentoo.org/glsa/201811-12 | 2023-11-07 | |
https://usn.ubuntu.com/3768-1 | 2023-11-07 | |
https://usn.ubuntu.com/3773-1 | 2023-11-07 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Artifex Search vendor "Artifex" | Ghostscript Search vendor "Artifex" for product "Ghostscript" | < 9.24 Search vendor "Artifex" for product "Ghostscript" and version " < 9.24" | - |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04" | lts |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 16.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "16.04" | lts |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 18.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "18.04" | lts |
Affected
| ||||||
Artifex Search vendor "Artifex" | Gpl Ghostscript Search vendor "Artifex" for product "Gpl Ghostscript" | < 9.26 Search vendor "Artifex" for product "Gpl Ghostscript" and version " < 9.26" | - |
Affected
|