CVE-2019-6116

Опубликовано: 21 мар. 2019

Источник: debian

EPSS Средний

Описание

In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution.

Пакет	Статус	Версия исправления	Релиз	Тип
ghostscript	fixed	9.26a~dfsg-1		package

https://www.openwall.com/lists/oss-security/2019/01/23/5
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=13b0a36f8181db66a91bcc8cea139998b53a8996
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2db98f9c66135601efb103d8db7d020a672308db
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=99f13091a3f309bdc95d275ea9fec10bb9f42d9a
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=59d8f4deef90c1598ff50616519d5576756b4495
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2768d1a6dddb83f5c061207a7ed2813999c1b5c9
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=49c8092da88ef6bb0aa281fe294ae0925a44b5b9
https://bugs.chromium.org/p/project-zero/issues/detail?id=1729
https://bugs.ghostscript.com/show_bug.cgi?id=700317

EPSS

Процентиль: 99%

0.67767

Средний

CVE-2019-6116

CVSS3: 7.8

ubuntu

больше 6 лет назад

In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution.

CVE-2019-6116

CVSS3: 7.3

redhat

почти 7 лет назад

In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution.

CVE-2019-6116

CVSS3: 7.8

nvd

больше 6 лет назад

In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution.

openSUSE-SU-2019:0104-1

suse-cvrf

больше 6 лет назад

Security update for ghostscript

openSUSE-SU-2019:0103-1

suse-cvrf

почти 7 лет назад

Security update for ghostscript

EPSS

Процентиль: 99%

0.67767

Средний