Download
| Alert*
|
oval:org.secpod.oval:def:66454
The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix: * ghostscript: Safer mode bypass by .forceput exposure in .pdf_hook_DSC_Creator * ghostsc ... oval:org.secpod.oval:def:89003084 This update for ghostscript to 9.27 fixes the following issues: Security issues fixed: - CVE-2019-3835: Fixed an unauthorized file system access caused by an available superexec operator. - CVE-2019-3839: Fixed an unauthorized file system access caused by available privileged operators. - CVE-2019 ... oval:org.secpod.oval:def:89050779 This update for ghostscript fixes the following issues: Security issues fixed: - CVE-2019-3835: Fixed an unauthorized file system access caused by an available superexec operator. - CVE-2019-3839: Fixed an unauthorized file system access caused by available privileged operators. - CVE-2019-12973: ... oval:org.secpod.oval:def:117136 This package provides useful conversion utilities based on Ghostscript software, for converting PS, PDF and other document formats between each other. Ghostscript is a suite of software providing an interpreter for Adobe Systems' PostScript and Portable Document Format page description languag ... oval:org.secpod.oval:def:2105110 A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the ... oval:org.secpod.oval:def:205361 The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix: * ghostscript: Safer mode bypass by .forceput exposure in .pdf_hook_DSC_Creator * ghostsc ... oval:org.secpod.oval:def:705151 ghostscript: PostScript and PDF interpreter Ghostscript could be made to access arbitrary files if it opened a specially crafted file. oval:org.secpod.oval:def:503322 The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix: * ghostscript: Safer mode bypass by .forceput exposure in .pdf_hook_DSC_Creator * ghostsc ... oval:org.secpod.oval:def:503324 The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix: * ghostscript: Safer mode bypass by .forceput exposure in .pdf_hook_DSC_Creator * ghostsc ... oval:org.secpod.oval:def:59759 -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.References:-dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the file s ... oval:org.secpod.oval:def:1502600 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:69753 It was discovered that various procedures in Ghostscript, the GPL PostScript/PDF interpreter, do not properly restrict privileged calls, which could result in bypass of file system restrictions of the dSAFER sandbox. oval:org.secpod.oval:def:604524 It was discovered that various procedures in Ghostscript, the GPL PostScript/PDF interpreter, do not properly restrict privileged calls, which could result in bypass of file system restrictions of the dSAFER sandbox. oval:org.secpod.oval:def:58860 ghostscript: PostScript and PDF interpreter Ghostscript could be made to access arbitrary files if it opened a specially crafted file. oval:org.secpod.oval:def:82587 The host is installed with Artifex Ghostscript before 9.50 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle a specially crafted PostScript file. Successful exploitation could allows attackers to disable security protection and then hav ... oval:org.secpod.oval:def:1502657 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700556 Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code. Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protec ... |
