Lucene search

[email protected]NVD:CVE-2018-16513

HistorySep 05, 2018 - 1:29 p.m.

CVE-2018-16513

2018-09-0513:29:00

CWE-704

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

58.7%

JSON

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact.

Affected configurations

Nvd

Node

artifexghostscriptRange<9.24

Node

canonicalubuntu_linuxMatch14.04lts

canonicalubuntu_linuxMatch16.04lts

canonicalubuntu_linuxMatch18.04lts

debiandebian_linuxMatch8.0

debiandebian_linuxMatch9.0

Node

artifexgpl_ghostscriptRange<9.26

Node

pulsesecurepulse_connect_secureRange8.2r1.0–8.2r12.1

pulsesecurepulse_connect_secureRange8.3r1–8.3r7.1

pulsesecurepulse_connect_secureRange9.0r1–9.0r3.4

VendorProductVersionCPE
artifexghostscript*cpe:2.3:a:artifex:ghostscript:*:*:*:*:*:*:*:*
canonicalubuntu_linux14.04cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
canonicalubuntu_linux16.04cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
canonicalubuntu_linux18.04cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
debiandebian_linux8.0cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
debiandebian_linux9.0cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
artifexgpl_ghostscript*cpe:2.3:a:artifex:gpl_ghostscript:*:*:*:*:*:*:*:*
pulsesecurepulse_connect_secure*cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
artifex	ghostscript	*	cpe:2.3:a:artifex:ghostscript::::::::
canonical	ubuntu_linux	14.04	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
canonical	ubuntu_linux	16.04	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
canonical	ubuntu_linux	18.04	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
debian	debian_linux	8.0	cpe:2.3:o:debian:debian_linux:8.0:::::::*
debian	debian_linux	9.0	cpe:2.3:o:debian:debian_linux:9.0:::::::*
artifex	gpl_ghostscript	*	cpe:2.3:a:artifex:gpl_ghostscript::::::::
pulsesecure	pulse_connect_secure	*	cpe:2.3:a:pulsesecure:pulse_connect_secure::::::::