Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-16802

Опубликовано: 10 сент. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.8
CVSS3: 7.8

Описание

An issue was discovered in Artifex Ghostscript before 9.25. Incorrect "restoration of privilege" checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. This is due to an incomplete fix for CVE-2018-16509.

РелизСтатусПримечание
bionic

released

9.22~dfsg+1-0ubuntu1.2
devel

released

9.25~dfsg+1-0ubuntu1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [9.10~dfsg-0ubuntu10.13]]
esm-infra/bionic

released

9.22~dfsg+1-0ubuntu1.2
esm-infra/xenial

released

9.18~dfsg~0-0ubuntu2.9
precise/esm

DNE

trusty

released

9.10~dfsg-0ubuntu10.13
trusty/esm

DNE

trusty was released [9.10~dfsg-0ubuntu10.13]
upstream

needs-triage

xenial

released

9.18~dfsg~0-0ubuntu2.9

Показывать по

Ссылки на источники

EPSS

Процентиль: 76%
0.00971
Низкий

6.8 Medium

CVSS2

7.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-16802

CVSS3: 7.3
redhat
около 7 лет назад

An issue was discovered in Artifex Ghostscript before 9.25. Incorrect "restoration of privilege" checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. This is due to an incomplete fix for CVE-2018-16509.

nvd логотип

CVE-2018-16802

CVSS3: 7.8
nvd
около 7 лет назад

An issue was discovered in Artifex Ghostscript before 9.25. Incorrect "restoration of privilege" checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. This is due to an incomplete fix for CVE-2018-16509.

debian логотип

CVE-2018-16802

CVSS3: 7.8
debian
около 7 лет назад

An issue was discovered in Artifex Ghostscript before 9.25. Incorrect ...

github логотип

GHSA-r3qx-w5mm-cr27

CVSS3: 7.8
github
больше 3 лет назад

An issue was discovered in Artifex Ghostscript before 9.25. Incorrect "restoration of privilege" checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. This is due to an incomplete fix for CVE-2018-16509.

fstec логотип

BDU:2019-04351

CVSS3: 7.8
fstec
около 7 лет назад

Уязвимость набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, существующая из-за недостаточной проверки входных данных, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 76%
0.00971
Низкий

6.8 Medium

CVSS2

7.8 High

CVSS3