Описание
A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 9.26~dfsg+0-0ubuntu0.18.04.13 |
| devel | not-affected | 9.51~dfsg-1 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | released | 9.26~dfsg+0-0ubuntu0.18.04.13 |
| esm-infra/focal | released | 9.50~dfsg-5ubuntu4.2 |
| esm-infra/xenial | released | 9.26~dfsg+0-0ubuntu0.16.04.13 |
| focal | released | 9.50~dfsg-5ubuntu4.2 |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE |
Показывать по
6.8 Medium
CVSS2
7.8 High
CVSS3
Связанные уязвимости
A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51.
A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51.
A use-after-free vulnerability in xps_finish_image_path() in devices/v ...
A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51.
Уязвимость функции xps_finish_image_path() (devices/vector/gdevxps.c) набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
6.8 Medium
CVSS2
7.8 High
CVSS3