RHSA-2018:3760-01 -- Redhat ghostscriptID: oval:org.secpod.oval:def:49255 | Date: (C)2018-12-05 (M)2024-05-22 |
Class: PATCH | Family: unix |
The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix: * It was discovered that the ghostscript /invalidaccess checks fail under certain conditions. An attacker could possibly exploit this to bypass the - -dSAFER protection and, for example, execute arbitrary shell commands via a specially crafted PostScript document. Red Hat would like to thank Tavis Ormandy for reporting this issue.
Platform: |
Red Hat Enterprise Linux 6 |