Описание
In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supply crafted PostScript files to crash the interpreter or potentially execute code.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 9.22~dfsg+1-0ubuntu1.2 |
| devel | released | 9.25~dfsg+1-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [9.10~dfsg-0ubuntu10.13]] |
| esm-infra/bionic | released | 9.22~dfsg+1-0ubuntu1.2 |
| esm-infra/xenial | released | 9.18~dfsg~0-0ubuntu2.9 |
| precise/esm | DNE | |
| trusty | released | 9.10~dfsg-0ubuntu10.13 |
| trusty/esm | DNE | trusty was released [9.10~dfsg-0ubuntu10.13] |
| upstream | released | 9.22~dfsg-3 |
| xenial | released | 9.18~dfsg~0-0ubuntu2.9 |
Показывать по
EPSS
6.8 Medium
CVSS2
7.8 High
CVSS3
Связанные уязвимости
In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supply crafted PostScript files to crash the interpreter or potentially execute code.
In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supply crafted PostScript files to crash the interpreter or potentially execute code.
In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using ...
In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supply crafted PostScript files to crash the interpreter or potentially execute code.
Уязвимость набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
EPSS
6.8 Medium
CVSS2
7.8 High
CVSS3