ghostscript

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description An interpreter for the PostScript language
Version 9.26-2 [extra]

Open

Group Affected Fixed Severity Status Ticket
AVG-929 9.26-2 High Vulnerable FS#62102
Issue Group Severity Remote Type Description
CVE-2019-3838 AVG-929 High Yes Sandbox escape
It was found that the forceput operator could be extracted from the DefineResource method using methods similar to the ones described in CVE-2019-6116. A...
CVE-2019-3835 AVG-929 High Yes Sandbox escape
It was found that the superexec operator was available in the internal dictionary.  A specially crafted PostScript file could use this flaw in order to, for...

Resolved

Group Affected Fixed Severity Status Ticket
AVG-860 9.26-1 9.26-2 High Fixed
AVG-786 9.25-3 9.25-4 High Fixed
AVG-256 9.21-1 9.21-2 High Fixed
Issue Group Severity Remote Type Description
CVE-2019-6116 AVG-860 High Yes Sandbox escape
It was found that ghostscript could leak sensitive operators on the operand stack when a pseudo-operator pushes a subroutine. A specially crafted PostScript...
CVE-2018-18284 AVG-786 High Yes Sandbox escape
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator.
CVE-2018-18073 AVG-786 High Yes Sandbox escape
Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an...
CVE-2018-17961 AVG-786 High Yes Sandbox escape
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup.
CVE-2017-8291 AVG-256 High Yes Arbitrary command execution
It was found that ghostscript did not properly validate the parameters passed to the .rsdparams and .eqproc functions. During its execution, a specially...

Advisories

Date Advisory Group Severity Description
29 Jan 2019 ASA-201901-18 AVG-860 High sandbox escape
06 Nov 2018 ASA-201811-3 AVG-786 High sandbox escape
07 May 2017 ASA-201705-3 AVG-256 High arbitrary command execution