Lucene search

K

PRIOn knowledge basePRION:CVE-2019-3839

HistoryMay 16, 2019 - 7:29 p.m.

Design/Logic Flaw

2019-05-1619:29:00

PRIOn knowledge base

www.prio-n.com

4

7.1 High

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

87.8%

It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. Ghostscript versions before 9.27 are vulnerable.

CPENameOperatorVersion
ghostscriptlt9.27
ubuntu_linuxeq16.04
ubuntu_linuxeq18.04
ubuntu_linuxeq18.10
ubuntu_linuxeq19.04
debian_linuxeq8.0
debian_linuxeq9.0
fedoraeq29
fedoraeq30
leapeq15.0

Rows per page:

1-10 of 131

References

git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4ec9ca74bed49f2a82acb4bf430eae0d8b3b75c9

lists.opensuse.org/opensuse-security-announce/2019-09/msg00088.html

lists.opensuse.org/opensuse-security-announce/2019-09/msg00090.html

access.redhat.com/errata/RHSA-2019:0971

access.redhat.com/errata/RHSA-2019:1017

bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3839

lists.debian.org/debian-lts-announce/2019/05/msg00023.html

lists.fedoraproject.org/archives/list/[email protected]/message/6AATIHU32MYKUOXQDJQU4X4DDVL7NAY3/

lists.fedoraproject.org/archives/list/[email protected]/message/ZP34D27RKYV2POJ3NJLSVCHUA5V5C45A/

seclists.org/bugtraq/2019/May/23

usn.ubuntu.com/3970-1/

www.debian.org/security/2019/dsa-4442

7.1 High

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

87.8%

Related for PRION:CVE-2019-3839

osv7 openvas43 mageia3 cvelist3 centos2 nessus63 debiancve3 nvd3 cve3 ubuntucve3 veracode3 redhat3 oraclelinux4 redhatcve3 zdt1 debian7 suse4 prion2 ubuntu2 fedora10 archlinux2 alpinelinux1 amazon2 slackware1 gentoo1 ibm1