Описание
In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 9.26~dfsg+0-0ubuntu0.18.04.10 |
| devel | released | 9.26~dfsg+0-0ubuntu9 |
| disco | released | 9.26~dfsg+0-0ubuntu7.2 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | released | 9.26~dfsg+0-0ubuntu0.18.04.10 |
| esm-infra/xenial | released | 9.26~dfsg+0-0ubuntu0.16.04.10 |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE | |
| upstream | needs-triage |
Показывать по
EPSS
6.8 Medium
CVSS2
7.8 High
CVSS3
Связанные уязвимости
In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas.
In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas.
In ghostscript before version 9.50, the .buildfont1 procedure did not ...
EPSS
6.8 Medium
CVSS2
7.8 High
CVSS3