Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2018-16863

Опубликовано: 03 дек. 2018
Источник: nvd
CVSS3: 7.3
CVSS3: 7.8
CVSS2: 9.3
EPSS Низкий

Описание

It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document. This only affects ghostscript 9.07 as shipped with Red Hat Enterprise Linux 7.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:artifex:ghostscript:9.07:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

EPSS

Процентиль: 25%
0.00083
Низкий

7.3 High

CVSS3

7.8 High

CVSS3

9.3 Critical

CVSS2

Дефекты

CWE-184
CWE-78

Связанные уязвимости

ubuntu логотип

CVE-2018-16863

CVSS3: 7.3
ubuntu
почти 7 лет назад

It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document. This only affects ghostscript 9.07 as shipped with Red Hat Enterprise Linux 7.

redhat логотип

CVE-2018-16863

CVSS3: 7.3
redhat
почти 7 лет назад

It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document. This only affects ghostscript 9.07 as shipped with Red Hat Enterprise Linux 7.

debian логотип

CVE-2018-16863

CVSS3: 7.3
debian
почти 7 лет назад

It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An ...

github логотип

GHSA-83g5-f7jm-c8fc

CVSS3: 7.8
github
больше 3 лет назад

It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document. This only affects ghostscript 9.07 as shipped with Red Hat Enterprise Linux 7.

oracle-oval логотип

ELSA-2018-3761

oracle-oval
почти 7 лет назад

ELSA-2018-3761: ghostscript security and bug fix update (IMPORTANT)

EPSS

Процентиль: 25%
0.00083
Низкий

7.3 High

CVSS3

7.8 High

CVSS3

9.3 Critical

CVSS2

Дефекты

CWE-184
CWE-78