Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2016:2492-1

Опубликовано: 11 окт. 2016
Источник: suse-cvrf

Описание

Security update for ghostscript-library

This update for ghostscript-library fixes the following issues:

  • Multiple security vulnerabilities have been discovered where ghostscript's '-dsafer' flag did not provide sufficient protection against unintended access to the file system. Thus, a machine that would process a specially crafted Postscript file would potentially leak sensitive information to an attacker. (CVE-2013-5653, bsc#1001951)

  • An incorrect reference count was found in .setdevice. This issue lead to a use-after-free scenario, which could have been exploited for denial-of-service or, possibly, arbitrary code execution attacks. (CVE-2016-7978, bsc#1001951)

  • Insufficient validation of the type of input in .initialize_dsc_parser used to allow remote code execution. (CVE-2016-7979, bsc#1001951)

Список пакетов

SUSE Linux Enterprise Desktop 12 SP1
ghostscript-9.15-11.1
ghostscript-x11-9.15-11.1
SUSE Linux Enterprise Server 12 SP1
ghostscript-9.15-11.1
ghostscript-x11-9.15-11.1
SUSE Linux Enterprise Server 12-LTSS
ghostscript-9.15-11.1
ghostscript-x11-9.15-11.1
SUSE Linux Enterprise Server for SAP Applications 12
ghostscript-9.15-11.1
ghostscript-x11-9.15-11.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
ghostscript-9.15-11.1
ghostscript-x11-9.15-11.1
SUSE Linux Enterprise Software Development Kit 12 SP1
ghostscript-devel-9.15-11.1

Ссылки

Описание

The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted postscript file.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:ghostscript-9.15-11.1
SUSE Linux Enterprise Desktop 12 SP1:ghostscript-x11-9.15-11.1
SUSE Linux Enterprise Server 12 SP1:ghostscript-9.15-11.1
SUSE Linux Enterprise Server 12 SP1:ghostscript-x11-9.15-11.1
Ссылки

Описание

Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:ghostscript-9.15-11.1
SUSE Linux Enterprise Desktop 12 SP1:ghostscript-x11-9.15-11.1
SUSE Linux Enterprise Server 12 SP1:ghostscript-9.15-11.1
SUSE Linux Enterprise Server 12 SP1:ghostscript-x11-9.15-11.1
Ссылки

Описание

Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initialize_dsc_parser.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:ghostscript-9.15-11.1
SUSE Linux Enterprise Desktop 12 SP1:ghostscript-x11-9.15-11.1
SUSE Linux Enterprise Server 12 SP1:ghostscript-9.15-11.1
SUSE Linux Enterprise Server 12 SP1:ghostscript-x11-9.15-11.1
Ссылки
Уязвимость SUSE-SU-2016:2492-1