Описание
The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | ghostscript | Not affected | ||
| Red Hat Enterprise Linux 6 | ghostscript | Not affected | ||
| Red Hat Enterprise Linux 7 | ghostscript | Not affected | ||
| Red Hat OpenShift Enterprise 2 | ghostscript | Not affected |
Показывать по
10
Дополнительная информация
Статус:
Important
Дефект:
CWE-20
https://bugzilla.redhat.com/show_bug.cgi?id=1382294ghostscript: various userparams allow %pipe% in paths, allowing remote shell
EPSS
Процентиль: 98%
0.4841
Средний
7.1 High
CVSS3
Связанные уязвимости
CVSS3: 8.8
ubuntu
больше 8 лет назад
The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams.
CVSS3: 8.8
nvd
больше 8 лет назад
The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams.
CVSS3: 8.8
debian
больше 8 лет назад
The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attacker ...
CVSS3: 8.8
github
больше 3 лет назад
The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams.
EPSS
Процентиль: 98%
0.4841
Средний
7.1 High
CVSS3