CVE-2018-18284

Related Files

Red Hat Security Advisory 2018-3834-01

Posted Dec 18, 2018

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3834-01 - The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Issues addressed include a bypass vulnerability.

tags | advisory, bypass

systems | linux, redhat

advisories | CVE-2018-15911, CVE-2018-16541, CVE-2018-16802, CVE-2018-17183, CVE-2018-17961, CVE-2018-18073, CVE-2018-18284, CVE-2018-19134, CVE-2018-19409

SHA-256 | f5f96e39e74386a862dbdf24dde2652838709fb7d29500c0d76bd6ebb2ae845e

Download | Favorite | View

Debian Security Advisory 4336-1

Posted Nov 12, 2018

Authored by Debian | Site debian.org

Debian Linux Security Advisory 4336-1 - Several vulnerabilities were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may result in denial of service, disclosure of existence and size of arbitrary files, or the execution of arbitrary code if a malformed Postscript file is processed (despite the dSAFER sandbox being enabled).

tags | advisory, denial of service, arbitrary, vulnerability

systems | linux, debian

advisories | CVE-2018-11645, CVE-2018-17961, CVE-2018-18073, CVE-2018-18284

SHA-256 | 7e05b4b5b1f00eff8bded029cb3e5ca4e7b8b42b276d38f2c46ed503799239a9

Download | Favorite | View

Ghostscript 1Policy Dangerous Access To Operator

Posted Oct 18, 2018

Authored by Tavis Ormandy, Google Security Research

Ghostscript has an issues where callers of a procedure are not forced to be properly marked as executeonly or pseudo-operators, allowing for the ability to take complete control of it.

tags | advisory

advisories | CVE-2018-18284

SHA-256 | c212335a3050997bb3269410331972bd215ee205ac25561281f6b950ad7bb670

Download | Favorite | View