[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

CVE-2019-6116 ghostscript: subroutines within pseudo-operators must themselves be pseudo-operators

ID: oval:org.secpod.oval:def:50472Date: (C)2019-01-30   (M)2023-12-20
Class: VULNERABILITYFamily: unix




It was found that ghostscript could leak sensitive operators on the operand stack when a pseudo-operator pushes a subroutine. A specially crafted PostScript file could use this flaw to escape the -dSAFER protection in order to, for example, have access to the file system and execute commands.

Platform:
Red Hat Enterprise Linux 7
CentOS 7
Product:
ghostscript
Reference:
CVE-2019-6116
CVE    1
CVE-2019-6116
CPE    3
cpe:/o:redhat:enterprise_linux:7
cpe:/o:centos:centos:7
cpe:/a:ghostscript:ghostscript

© SecPod Technologies