Описание
Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| ghostscript | fixed | 9.25~dfsg-3 | package |
Примечания
https://bugs.chromium.org/p/project-zero/issues/detail?id=1690
https://bugs.ghostscript.com/show_bug.cgi?id=699927
https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=34cc326eb2c5695833361887fe0b32e8d987741c
https://www.openwall.com/lists/oss-security/2018/10/10/12
Связанные уязвимости
Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object.
Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object.
Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object.
Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object.
Уязвимость компонента Sandbox Protection Mechanism набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, позволяющая нарушителю обойти защитный механизм изолированной программной среды и раскрыть защищаемую информацию