CVE-2013-5653

Опубликовано: 07 мар. 2017

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 4.3

CVSS3: 5.5

Описание

The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted postscript file.

Релиз	Статус	Примечание
devel	released	9.19~dfsg+1-0ubuntu7.1
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was released [9.10~dfsg-0ubuntu10.5]]
esm-infra/xenial	released	9.18~dfsg~0-0ubuntu2.2
precise	released	9.05~dfsg-0ubuntu4.4
trusty	released	9.10~dfsg-0ubuntu10.5
trusty/esm	DNE	trusty was released [9.10~dfsg-0ubuntu10.5]
upstream	needs-triage
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	released	9.18~dfsg~0-0ubuntu2.2

Показывать по

Ссылки на источники

EPSS

Процентиль: 48%

0.00245

Низкий

4.3 Medium

CVSS2

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2013-5653

CVSS3: 4

redhat

около 12 лет назад

The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted postscript file.

CVE-2013-5653

CVSS3: 5.5

nvd

больше 8 лет назад

The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted postscript file.

CVE-2013-5653

CVSS3: 5.5

debian

больше 8 лет назад

The getenv and filenameforall functions in Ghostscript 9.10 ignore the ...

openSUSE-SU-2016:2855-1

suse-cvrf

почти 9 лет назад

Security update for ghostscript

SUSE-SU-2016:2817-1

suse-cvrf

почти 9 лет назад

Security update for ghostscript

EPSS

Процентиль: 48%

0.00245

Низкий

4.3 Medium

CVSS2

5.5 Medium

CVSS3

CVE-2013-5653

Описание

Пакет ghostscript

Ссылки на источники

Связанные уязвимости