what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2019-3838

Status Candidate

Overview

It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER.

Related Files

Gentoo Linux Security Advisory 202004-03
Posted Apr 2, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202004-3 - Multiple vulnerabilities have been found in GPL Ghostscript, the worst of which could result in the execution of arbitrary code. Versions prior to 9.28_rc4 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2019-10216, CVE-2019-14811, CVE-2019-14812, CVE-2019-14813, CVE-2019-14817, CVE-2019-3835, CVE-2019-3838, CVE-2019-6116
SHA-256 | 1143a341a653ea77288aa928bf02cfdaeea19658c1e0c96e22d25a3ee29e8a6e
Red Hat Security Advisory 2019-0971-01
Posted May 7, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0971-01 - The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Issues addressed include some missing attack vector protections.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-3835, CVE-2019-3838, CVE-2019-3839
SHA-256 | a9bff1942cef8e34246ee73871fa46baf34d82e3b31bccd64653fd9c4a011be1
Debian Security Advisory 4432-1
Posted Apr 17, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4432-1 - Cedric Buissart discovered two vulnerabilities in Ghostscript, the GPL PostScript/PDF interpreter, which could result in bypass of file system restrictions of the dSAFER sandbox.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2019-3835, CVE-2019-3838
SHA-256 | 51784f8be1c1e386af3b69b6266e3d0c02983e49cdfd148d34f4341856f0003c
Slackware Security Advisory - ghostscript Updates
Posted Apr 3, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New ghostscript packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2019-3835, CVE-2019-3838, CVE-2019-6116
SHA-256 | abebe83ea8a0adef25f49987ca9bc808814c9bb0422eca0d29b97ebc3ef1f249
Red Hat Security Advisory 2019-0652-01
Posted Mar 27, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0652-01 - Ansible Tower version 3.3.5 has security updates that Red Hat did not feel like explaining in this advisory.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-5407, CVE-2019-3835, CVE-2019-3838
SHA-256 | 2638cb5d98f9dd47e1a7385986d6b92adb44d0f3f85b6e4bc38cb0d57d8dd34c
Red Hat Security Advisory 2019-0633-01
Posted Mar 22, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0633-01 - The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Multiple vulnerabilities have been addressed.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2019-3835, CVE-2019-3838
SHA-256 | 81e91f878664edfe24b631bddbedf394ff019eacbc69110849c182fffd2a8ab5
Page 1 of 1
Back1Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    37 Files
  • 27
    Feb 27th
    34 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close