CVE-2018-16539
N/A
N/A
Summary
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://access.redhat.com/errata/RHSA-2018:3650
- https://security.gentoo.org/glsa/201811-12
- https://usn.ubuntu.com/3768-1/
- https://www.artifex.com/news/ghostscript-security-resolved/
- https://www.debian.org/security/2018/dsa-4288
- https://lists.debian.org/debian-lts-announce/2018/09/msg00015.html
- https://bugs.ghostscript.com/show_bug.cgi?id=699658
- http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=a054156d425b4dbdaaa9fda4b5f1182b27598c2b
References
- https://access.redhat.com/errata/RHSA-2018:3650
- https://security.gentoo.org/glsa/201811-12
- https://usn.ubuntu.com/3768-1/
- https://www.artifex.com/news/ghostscript-security-resolved/
- https://www.debian.org/security/2018/dsa-4288
- https://lists.debian.org/debian-lts-announce/2018/09/msg00015.html
- https://bugs.ghostscript.com/show_bug.cgi?id=699658
- http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=a054156d425b4dbdaaa9fda4b5f1182b27598c2b
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.