AVG-929 log
Package | ghostscript |
Status | Fixed |
Severity | High |
Type | sandbox escape |
Affected | 9.26-2 |
Fixed | 9.27-1 |
Current | 10.04.0-1 [extra] |
Ticket | FS#62102 |
Created | Thu Mar 21 16:18:18 2019 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2019-3838 | High | Yes | Sandbox escape | It was found that the forceput operator could be extracted from the DefineResource method using methods similar to the ones described in CVE-2019-6116. A... |
CVE-2019-3835 | High | Yes | Sandbox escape | It was found that the superexec operator was available in the internal dictionary. A specially crafted PostScript file could use this flaw in order to, for... |
Date | Advisory | Package | Type |
---|---|---|---|
11 Apr 2019 | ASA-201904-5 | ghostscript | sandbox escape |