AVG-786 log
| Package | ghostscript |
| Status | Fixed |
| Severity | High |
| Type | sandbox escape |
| Affected | 9.25-3 |
| Fixed | 9.25-4 |
| Current | 10.06.0-1 [extra] |
| Ticket | None |
| Created | Mon Oct 22 16:05:24 2018 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2018-18284 | High | Yes | Sandbox escape | Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator. |
| CVE-2018-18073 | High | Yes | Sandbox escape | Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an... |
| CVE-2018-17961 | High | Yes | Sandbox escape | Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 06 Nov 2018 | ASA-201811-3 | ghostscript | sandbox escape |