This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Artifex First view 2018-10-19
Product Ghostscript Last view 2019-11-27
Version 9.25 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:artifex:ghostscript

Activity : Overall

Related : CVE

  Date Alert Description
7.8 2019-11-27 CVE-2019-14812

A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.

8.8 2019-11-15 CVE-2019-14869

A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges within the Ghostscript and access files outside of restricted areas or execute commands.

9.8 2019-09-06 CVE-2019-14813

A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.

7.8 2019-09-03 CVE-2019-14811

A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.

7.8 2019-05-16 CVE-2019-3839

It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. Ghostscript versions before 9.27 are vulnerable.

5.5 2019-03-25 CVE-2019-3838

It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER.

5.5 2019-03-25 CVE-2019-3835

It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER.

7.8 2019-03-21 CVE-2019-6116

In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution.

5.5 2019-01-02 CVE-2018-19478

In Artifex Ghostscript before 9.26, a carefully crafted PDF file can trigger an extremely long running computation when parsing the file.

7.8 2018-12-20 CVE-2018-19134

In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue because of failure to check whether the Implementation of a pattern dictionary was a structure type.

7.8 2018-11-23 CVE-2018-19477

psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion.

7.8 2018-11-23 CVE-2018-19476

psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion.

7.8 2018-11-23 CVE-2018-19475

psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same.

9.8 2018-11-21 CVE-2018-19409

An issue was discovered in Artifex Ghostscript before 9.26. LockSafetyParams is not checked correctly if another device is used.

8.6 2018-10-19 CVE-2018-18284

Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator.

CWE : Common Weakness Enumeration

%idName
25% (3) CWE-704 Incorrect Type Conversion or Cast
25% (3) CWE-264 Permissions, Privileges, and Access Controls
16% (2) CWE-284 Access Control (Authorization) Issues
16% (2) CWE-269 Improper Privilege Management
16% (2) CWE-20 Improper Input Validation

Snort® IPS/IDS

Date Description
2019-03-05 Ghostscript PostScript remote code execution attempt
RuleID : 49086 - Type : FILE-OTHER - Revision : 1
2019-03-05 Ghostscript PostScript remote code execution attempt
RuleID : 49085 - Type : FILE-OTHER - Revision : 1

Nessus® Vulnerability Scanner

id Description
2019-01-08 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2019-1004.nasl - Type: ACT_GATHER_INFO
2018-12-28 Name: The remote EulerOS Virtualization host is missing multiple security updates.
File: EulerOS_SA-2018-1412.nasl - Type: ACT_GATHER_INFO
2018-12-28 Name: The remote Debian host is missing a security update.
File: debian_DLA-1620.nasl - Type: ACT_GATHER_INFO
2018-12-19 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2018-3834.nasl - Type: ACT_GATHER_INFO
2018-11-29 Name: The remote Debian host is missing a security update.
File: debian_DLA-1598.nasl - Type: ACT_GATHER_INFO
2018-11-29 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4346.nasl - Type: ACT_GATHER_INFO
2018-11-28 Name: The remote Windows host contains a library that is affected by multiple vulne...
File: ghostscript_9_26.nasl - Type: ACT_GATHER_INFO
2018-11-26 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201811-12.nasl - Type: ACT_GATHER_INFO
2018-11-13 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4336.nasl - Type: ACT_GATHER_INFO
2018-10-23 Name: The remote Debian host is missing a security update.
File: debian_DLA-1552.nasl - Type: ACT_GATHER_INFO