Showing 1 - 6 of 6

CVE-2019-6116

Status Candidate

Overview

In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution.

Gentoo Linux Security Advisory 202004-03: Posted Apr 2, 2020; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202004-3 - Multiple vulnerabilities have been found in GPL Ghostscript, the worst of which could result in the execution of arbitrary code. Versions prior to 9.28_rc4 are affected.; tags | advisory, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2019-10216, CVE-2019-14811, CVE-2019-14812, CVE-2019-14813, CVE-2019-14817, CVE-2019-3835, CVE-2019-3838, CVE-2019-6116; SHA-256 | 1143a341a653ea77288aa928bf02cfdaeea19658c1e0c96e22d25a3ee29e8a6e; Download | Favorite | View

Slackware Security Advisory - ghostscript Updates: Posted Apr 3, 2019; Authored by Slackware Security Team | Site slackware.com; Slackware Security Advisory - New ghostscript packages are available for Slackware 14.2 and -current to fix security issues.; tags | advisory; systems | linux, slackware; advisories | CVE-2019-3835, CVE-2019-3838, CVE-2019-6116; SHA-256 | abebe83ea8a0adef25f49987ca9bc808814c9bb0422eca0d29b97ebc3ef1f249; Download | Favorite | View

Red Hat Security Advisory 2019-0229-01: Posted Feb 1, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-0229-01 - The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Issues addressed include bypass and use-after-free vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2018-16540, CVE-2018-19475, CVE-2018-19476, CVE-2018-19477, CVE-2019-6116; SHA-256 | e81ad852a81d59f92ab945d478f633f6eee573cf410bb8aeae1f8c6a0eec97c9; Download | Favorite | View

Debian Security Advisory 4372-1: Posted Jan 26, 2019; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4372-1 - Tavis Ormandy discovered a vulnerability in Ghostscript, the GPL PostScript/PDF interpreter, which may result in denial of service or the execution of arbitrary code if a malformed Postscript file is processed (despite the -dSAFER sandbox being enabled).; tags | advisory, denial of service, arbitrary; systems | linux, debian; advisories | CVE-2019-6116; SHA-256 | b0892cae89455b1500d748194287668356da154746a396a174c05197889b74fc; Download | Favorite | View

Ghostscript Pseudo-Operator Remote Code Execution: Posted Jan 23, 2019; Authored by Tavis Ormandy, Google Security Research; Ghostscript has an issue with pseudo-operators that can lead to remote code execution. Version 9.26 is affected.; tags | exploit, remote, code execution; advisories | CVE-2019-6116; SHA-256 | 6f82dc2c71113403be2f8d208d1801454419d4178873a71ecf3e7231bb75fa9f; Download | Favorite | View

Ubuntu Security Notice USN-3866-1: Posted Jan 23, 2019; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3866-1 - Tavis Ormandy discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service.; tags | advisory, remote, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2019-6116; SHA-256 | 39c2317129a0f2797b184193f238e6b3905f879dd65b2bd8f0ca13cd1b69f6c6; Download | Favorite | View

Page 1 of 1 Back 1 Next