Download
| Alert*
oval:org.secpod.oval:def:89003239
This update for ghostscript fixes the following issues: Security issue fixed: - CVE-2019-10216: Fix privilege escalation via specially crafted PostScript file . oval:org.secpod.oval:def:89050572 This update for ghostscript fixes the following issues: Security issue fixed: - CVE-2019-10216: Fix privilege escalation via specially crafted PostScript file . oval:org.secpod.oval:def:116995 This package provides useful conversion utilities based on Ghostscript software, for converting PS, PDF and other document formats between each other. Ghostscript is a suite of software providing an interpreter for Adobe Systems' PostScript and Portable Document Format page description languag ... oval:org.secpod.oval:def:116994 This package provides useful conversion utilities based on Ghostscript software, for converting PS, PDF and other document formats between each other. Ghostscript is a suite of software providing an interpreter for Adobe Systems' PostScript and Portable Document Format page description languag ... oval:org.secpod.oval:def:69900 Netanel reported that the .buildfont1 procedure in Ghostscript, the GPL PostScript/PDF interpreter, does not properly restrict privileged calls, which could result in bypass of file system restrictions of the dSAFER sandbox. oval:org.secpod.oval:def:604499 Netanel reported that the .buildfont1 procedure in Ghostscript, the GPL PostScript/PDF interpreter, does not properly restrict privileged calls, which could result in bypass of file system restrictions of the dSAFER sandbox. oval:org.secpod.oval:def:1502629 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:58361 ghostscript: PostScript and PDF interpreter Ghostscript could be made to access files if it opened a specially crafted file. oval:org.secpod.oval:def:82591 The host is installed with Artifex Ghostscript before 9.50 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle a specially crafted PostScript file. Successful exploitation could allows attackers to escalate privileges and access files out ... oval:org.secpod.oval:def:2105107 It was found that the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas. oval:org.secpod.oval:def:58343 Netanel reported that the .buildfont1 procedure in Ghostscript, the GPL PostScript/PDF interpreter, does not properly restrict privileged calls, which could result in bypass of file system restrictions of the dSAFER sandbox. oval:org.secpod.oval:def:503312 The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix: * ghostscript: -dSAFER escape via .buildfont1 For more details about the security issue, ... oval:org.secpod.oval:def:503311 The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix: * ghostscript: -dSAFER escape via .buildfont1 For more details about the security issue, ... oval:org.secpod.oval:def:1502597 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:705109 ghostscript: PostScript and PDF interpreter Ghostscript could be made to access files if it opened a specially crafted file. |