Lucene search
Redhat.comRH:CVE-2019-14811HistoryOct 10, 2019 - 5:52 a.m.
CVE-2019-14811
2019-10-1005:52:20
redhat.com
access.redhat.com
36
0.973 High
EPSS
Percentile
99.9%
A flaw was found in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.
Mitigation
Please refer to the "Mitigation" section of CVE-2018-16509 : <https://access.redhat.com/security/cve/cve-2018-16509>
Related
prion
prion
Command injection
2019-09-03 16:15:00
Design/Logic Flaw
2018-09-05 06:29:00
Design/Logic Flaw
2018-09-10 16:29:00
ubuntucve
ubuntucve
cve
cve
veracode
veracode
Safer Restriction Bypass
2019-09-03 00:20:36
Privilege Escalation
2019-01-15 09:27:20
Arbitrary Command Execution
2019-01-15 09:27:10
centos
centos
ghostscript security update
2018-12-06 18:54:07
ghostscript security update
2018-12-13 20:45:18
ghostscript security update
2018-10-15 21:01:33
openvas
openvas
CentOS Update for ghostscript CESA-2018:3760 centos6
2018-12-07 00:00:00
Slackware: Security Advisory (SSA:2018-256-01)
2022-04-21 00:00:00
CentOS Update for ghostscript CESA-2018:3761 centos7
2018-12-18 00:00:00
slackware
slackware
[slackware-security] ghostscript
2018-09-13 22:03:55
nvd
nvd
nessus
nessus
RHEL 6 : ghostscript (RHSA-2018:3760)
2018-12-04 00:00:00
Virtuozzo 6 : ghostscript / ghostscript-devel / ghostscript-doc / etc (VZLSA-2018-3760)
2020-12-22 00:00:00
Oracle Linux 6 : ghostscript (ELSA-2018-3760)
2018-12-04 00:00:00
amazon
amazon
Important: ghostscript
2018-12-20 00:04:00
Important: ghostscript
2018-10-08 22:17:00
osv
osv
debiancve
debiancve
alpinelinux
alpinelinux
CVE-2019-14811
2019-09-03 16:15:11
CVE-2018-16802
2018-09-10 16:29:00
cvelist
cvelist
cert
cert
Ghostscript contains multiple -dSAFER sandbox bypass vulnerabilities
2018-08-21 00:00:00
f5
f5
K02495251 : Ghostscript vulnerability CVE-2018-16509 (VU#332928)
2018-09-26 00:00:00
redhatcve
redhatcve
checkpoint_advisories
checkpoint_advisories
Artifex Ghostscript Remote Code Execution (CVE-2018-16509)
2022-09-18 00:00:00
redhat
redhat
(RHSA-2018:3760) Important: ghostscript security update
2018-12-03 21:13:23
(RHSA-2018:3761) Important: ghostscript security and bug fix update
2018-12-03 21:13:39
(RHSA-2019:2586) Important: ghostscript security update
2019-09-02 07:04:45
debian
debian
[SECURITY] [DSA 4294-1] ghostscript security update
2018-09-16 20:48:10
[SECURITY] [DLA 1915-1] ghostscript security update
2019-09-09 12:08:44
[SECURITY] [DSA 4518-1] ghostscript security update
2019-09-07 15:42:39
oraclelinux
oraclelinux
ghostscript security update
2018-12-03 00:00:00
ghostscript security and bug fix update
2018-12-03 00:00:00
ghostscript security update
2019-09-06 00:00:00
freebsd
freebsd
Ghostscript -- Security bypass vulnerabilities
2019-08-20 00:00:00
archlinux
archlinux
[ASA-201911-5] ghostscript: sandbox escape
2019-11-03 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in Ghostscript affect PowerKVM
2018-12-17 14:30:02
ubuntu
ubuntu
Ghostscript vulnerabilities
2019-08-29 00:00:00
mageia
mageia
Updated ghostscript packages fix security vulnerabilities
2019-09-12 22:09:52
fedora
fedora
[SECURITY] Fedora 30 Update: ghostscript-9.27-2.fc30
2019-11-18 01:19:29
[SECURITY] Fedora 31 Update: ghostscript-9.27-1.fc31
2019-09-22 01:23:29
[SECURITY] Fedora 30 Update: ghostscript-9.27-1.fc30
2019-09-25 01:09:18
suse
suse
Security update for ghostscript (important)
2019-09-30 00:00:00
Security update for ghostscript (important)
2019-09-30 00:00:00
gentoo
gentoo
GPL Ghostscript: Multiple vulnerabilities
2020-04-01 00:00:00