CVE-2018-16863

Опубликовано: 03 дек. 2018

Источник: ubuntu

Приоритет: medium

CVSS2: 9.3

CVSS3: 7.3

Описание

It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document. This only affects ghostscript 9.07 as shipped with Red Hat Enterprise Linux 7.

Релиз	Статус	Примечание
bionic	not-affected
cosmic	not-affected
devel	not-affected
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected]
esm-infra/bionic	not-affected
esm-infra/xenial	not-affected
precise/esm	DNE
trusty	not-affected
trusty/esm	DNE	trusty was not-affected
upstream	not-affected	debian: Red Hat-specific issue

Показывать по

Ссылки на источники

9.3 Critical

CVSS2

7.3 High

CVSS3

Связанные уязвимости

CVE-2018-16863

CVSS3: 7.3

redhat

почти 7 лет назад

CVE-2018-16863

CVSS3: 7.3

nvd

почти 7 лет назад

CVE-2018-16863

CVSS3: 7.3

debian

почти 7 лет назад

It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An ...

GHSA-83g5-f7jm-c8fc

CVSS3: 7.8

github

больше 3 лет назад

ELSA-2018-3761

oracle-oval

почти 7 лет назад

ELSA-2018-3761: ghostscript security and bug fix update (IMPORTANT)

9.3 Critical

CVSS2

7.3 High

CVSS3

CVE-2018-16863

Описание

Пакет ghostscript

Ссылки на источники

Связанные уязвимости