Podatność CVE-2018-18284

Podatność CVE-2018-18284

Publikacja: 2018-10-19 Modyfikacja: 2018-10-20

Opis:

	Tytuł	Autor	Data
High	Ghostscript 1Policy Dangerous Access To Operator	Tavis Ormandy	19.10.2018

Typ:

Ogólna skala CVSS	Znaczenie	Łatwość wykorzystania
6.8/10	6.4/10	8.6/10

Affected software
Redhat -> Enterprise linux desktop
Redhat -> Enterprise linux server
Redhat -> Enterprise linux server aus
Redhat -> Enterprise linux server eus
Redhat -> Enterprise linux server tus
Redhat -> Enterprise linux workstation
Debian -> Debian linux
Canonical -> Ubuntu linux
Artifex -> Ghostscript
Artifex -> Gpl ghostscript

http://git.ghostscript.com/?p=ghostpdl.git;h=8d19fdf63f91f50466b08f23e2d93d37a4c5ea0b

http://www.openwall.com/lists/oss-security/2018/10/16/2

http://www.securityfocus.com/bid/107451

https://access.redhat.com/errata/RHSA-2018:3834

https://bugs.chromium.org/p/project-zero/issues/detail?id=1696

https://bugs.ghostscript.com/show_bug.cgi?id=699963

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101

https://lists.debian.org/debian-lts-announce/2018/10/msg00013.html

https://security.gentoo.org/glsa/201811-12

https://usn.ubuntu.com/3803-1/

https://www.debian.org/security/2018/dsa-4336