[Forgot Password]
Login  Register Subscribe

24437

 
 

132035

 
 

118681

 
 

909

 
 

92631

 
 

143

Paid content will be excluded from the download.


Download | Alert*
OVAL

RHSA-2018:3760-01 -- Redhat ghostscript

ID: oval:org.secpod.oval:def:49255Date: (C)2018-12-05   (M)2018-12-05
Class: PATCHFamily: unix




The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix: * It was discovered that the ghostscript /invalidaccess checks fail under certain conditions. An attacker could possibly exploit this to bypass the - -dSAFER protection and, for example, execute arbitrary shell commands via a specially crafted PostScript document. Red Hat would like to thank Tavis Ormandy for reporting this issue.

Platform:
Red Hat Enterprise Linux 6
Product:
ghostscript
Reference:
RHSA-2018:3760-01
CVE-2018-16509
CVE    1
CVE-2018-16509
CPE    10
cpe:/a:ghostscript:ghostscript
cpe:/o:redhat:enterprise_linux_desktop:7.0
cpe:/a:artifex:ghostscript:8_64
cpe:/o:redhat:enterprise_linux:6
...

© SecPod Technologies