[Forgot Password]
Login  Register Subscribe

24547

 
 

132176

 
 

122448

 
 

909

 
 

100878

 
 

148

Paid content will be excluded from the download.


Download | Alert*
OVAL

RHSA-2018:3760-01 -- Redhat ghostscript

ID: oval:org.secpod.oval:def:49255Date: (C)2018-12-05   (M)2018-12-05
Class: PATCHFamily: unix




The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix: * It was discovered that the ghostscript /invalidaccess checks fail under certain conditions. An attacker could possibly exploit this to bypass the - -dSAFER protection and, for example, execute arbitrary shell commands via a specially crafted PostScript document. Red Hat would like to thank Tavis Ormandy for reporting this issue.

Platform:
Red Hat Enterprise Linux 6
Product:
ghostscript
Reference:
RHSA-2018:3760-01
CVE-2018-16509
CVE    1
CVE-2018-16509
CPE    10
cpe:/o:debian:debian_linux:9.0
cpe:/o:redhat:enterprise_linux:6
cpe:/a:artifex:ghostscript:8_64
cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~
...

© SecPod Technologies