CVE-2018-16509

Published: Sep 5, 2018Modified: Nov 21, 2024

7.8

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction.

Affected (14)

Products: Debian: Debian Linux · Artifex: Ghostscript, Gpl Ghostscript · Canonical: Ubuntu Linux · +1 more

Show all products

Debian: Debian Linux · Artifex: Ghostscript, Gpl Ghostscript · Canonical: Ubuntu Linux · Redhat: Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Server Eus, Enterprise Linux Workstation

1 product

2 products

Gpl Ghostscript

1 product

4 products

Enterprise Linux Desktop

Enterprise Linux Server

Enterprise Linux Server Eus

Enterprise Linux Workstation

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 8.0
Debian Debian Linux	Version 9.0

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Artifex Ghostscript	Before 9.24

Configuration C

3 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 14.04
Canonical Ubuntu Linux	Version 16.04
Canonical Ubuntu Linux	Version 18.04

Configuration D

7 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux Desktop	Version 6.0
Redhat Enterprise Linux Desktop	Version 7.0
Redhat Enterprise Linux Server	Version 6.0
Redhat Enterprise Linux Server	Version 7.0
Redhat Enterprise Linux Server Eus	Version 7.5
Redhat Enterprise Linux Workstation	Version 6.0
Redhat Enterprise Linux Workstation	Version 7.0

Configuration E

1 vulnerable

Vulnerable Software	Affected Versions
Artifex Gpl Ghostscript	Before 9.26

References (30)

http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=5516c614dc33662a2afdc377159f70218e67bde5

Source: cve@mitre.org

http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=78911a01b67d590b4a91afac2e8417360b934156

Source: cve@mitre.org

http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=79cccf641486a6595c43f1de1cd7ade696020a31

Source: cve@mitre.org

http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=520bb0ea7519aa3e79db78aaf0589dae02103764

Source: cve@mitre.org

http://seclists.org/oss-sec/2018/q3/142

Source: cve@mitre.org

ExploitMailing ListThird Party Advisory

http://www.securityfocus.com/bid/105122

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://access.redhat.com/errata/RHSA-2018:2918

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:3760

Source: cve@mitre.org

Third Party Advisory

https://bugs.ghostscript.com/show_bug.cgi?id=699654

Source: cve@mitre.org

Issue TrackingPermissions RequiredThird Party Advisory

https://lists.debian.org/debian-lts-announce/2018/09/msg00015.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://security.gentoo.org/glsa/201811-12

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/3768-1/

Source: cve@mitre.org

Third Party Advisory

https://www.artifex.com/news/ghostscript-security-resolved/

Source: cve@mitre.org

Vendor Advisory

https://www.debian.org/security/2018/dsa-4294

Source: cve@mitre.org

Third Party Advisory

https://www.exploit-db.com/exploits/45369/

Source: cve@mitre.org

ExploitThird Party AdvisoryVDB Entry

http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=5516c614dc33662a2afdc377159f70218e67bde5

Source: af854a3a-2127-422b-91ae-364da2661108

http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=78911a01b67d590b4a91afac2e8417360b934156

Source: af854a3a-2127-422b-91ae-364da2661108

http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=79cccf641486a6595c43f1de1cd7ade696020a31

Source: af854a3a-2127-422b-91ae-364da2661108

http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=520bb0ea7519aa3e79db78aaf0589dae02103764

Source: af854a3a-2127-422b-91ae-364da2661108

http://seclists.org/oss-sec/2018/q3/142

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitMailing ListThird Party Advisory

http://www.securityfocus.com/bid/105122

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://access.redhat.com/errata/RHSA-2018:2918

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:3760

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://bugs.ghostscript.com/show_bug.cgi?id=699654

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPermissions RequiredThird Party Advisory

https://lists.debian.org/debian-lts-announce/2018/09/msg00015.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://security.gentoo.org/glsa/201811-12

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://usn.ubuntu.com/3768-1/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.artifex.com/news/ghostscript-security-resolved/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.debian.org/security/2018/dsa-4294

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.exploit-db.com/exploits/45369/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party AdvisoryVDB Entry

Timeline

No history available yet.