Lucene search
PRIOn knowledge basePRION:CVE-2018-16863HistoryDec 03, 2018 - 5:29 p.m.
Design/Logic Flaw
2018-12-0317:29:00
PRIOn knowledge base
www.prio-n.com
12
It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document. This only affects ghostscript 9.07 as shipped with Red Hat Enterprise Linux 7.
References
git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=520bb0ea7519
git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=5516c614dc33
git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=78911a01b67d
git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=79cccf641486
access.redhat.com/errata/RHSA-2018:3761
bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16863
Related
oraclelinux
oraclelinux
ghostscript security and bug fix update
2018-12-03 00:00:00
ghostscript security update
2018-12-03 00:00:00
ghostscript security update
2018-10-15 00:00:00
nessus
nessus
Oracle Linux 7 : ghostscript (ELSA-2018-3761)
2018-12-04 00:00:00
Scientific Linux Security Update : ghostscript on SL7.x x86_64 (20181204)
2018-12-06 00:00:00
RHEL 7 : ghostscript (RHSA-2018:3761)
2018-12-04 00:00:00
ubuntucve
ubuntucve
cve
cve
debiancve
debiancve
nvd
nvd
cvelist
cvelist
redhat
redhat
(RHSA-2018:3761) Important: ghostscript security and bug fix update
2018-12-03 21:13:39
(RHSA-2018:3760) Important: ghostscript security update
2018-12-03 21:13:23
(RHSA-2018:2918) Important: ghostscript security update
2018-10-16 01:32:18
redhatcve
redhatcve
openvas
openvas
CentOS Update for ghostscript CESA-2018:3761 centos7
2018-12-18 00:00:00
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2019-1023)
2020-01-23 00:00:00
CentOS Update for ghostscript CESA-2018:3760 centos6
2018-12-07 00:00:00
veracode
veracode
Arbitrary Command Execution
2019-01-15 09:27:10
Privilege Escalation
2019-01-15 09:27:20
centos
centos
ghostscript security update
2018-12-13 20:45:18
ghostscript security update
2018-12-06 18:54:07
ghostscript security update
2018-10-15 21:01:33
amazon
amazon
Important: ghostscript
2018-12-20 00:04:00
Important: ghostscript
2018-10-08 22:17:00
prion
prion
Design/Logic Flaw
2018-09-05 06:29:00
Design/Logic Flaw
2018-09-10 16:29:00
osv
osv
CVE-2018-16509
2018-09-05 06:29:00
CVE-2018-16802
2018-09-10 16:29:00
ghostscript - security update
2018-09-16 00:00:00
cert
cert
Ghostscript contains multiple -dSAFER sandbox bypass vulnerabilities
2018-08-21 00:00:00
slackware
slackware
[slackware-security] ghostscript
2018-09-13 22:03:55
f5
f5
K02495251 : Ghostscript vulnerability CVE-2018-16509 (VU#332928)
2018-09-26 00:00:00
checkpoint_advisories
checkpoint_advisories
Artifex Ghostscript Remote Code Execution (CVE-2018-16509)
2022-09-18 00:00:00
debian
debian
[SECURITY] [DSA 4294-1] ghostscript security update
2018-09-16 20:48:10
[SECURITY] [DLA 1504-1] ghostscript security update
2018-09-13 12:23:11
alpinelinux
alpinelinux
CVE-2018-16802
2018-09-10 16:29:00
ibm
ibm
Security Bulletin: Vulnerabilities in Ghostscript affect PowerKVM
2018-12-17 14:30:02
mageia
mageia
Updated ghostscript packages fix security vulnerabilities
2018-09-21 02:17:55
suse
suse
Security update for ghostscript (important)
2018-10-05 21:13:14
Security update for ghostscript (important)
2018-10-05 21:10:24
ubuntu
ubuntu
Ghostscript vulnerabilities
2018-09-19 00:00:00
gentoo
gentoo
GPL Ghostscript: Multiple vulnerabilities
2018-11-24 00:00:00