Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2019-3839
Description:It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. Ghostscript versions before 9.27 are vulnerable.
Test IDs: 1.3.6.1.4.1.25623.1.0.843998   1.3.6.1.4.1.25623.1.0.704442   1.3.6.1.4.1.25623.1.0.891792   1.3.6.1.4.1.25623.1.1.2.2019.2031   1.3.6.1.4.1.25623.1.1.2.2019.1576   1.3.6.1.4.1.25623.1.1.2.2019.1731  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2019-3839
Bugtraq: 20190512 [SECURITY] [DSA 4442-1] ghostscript security update (Google Search)
https://seclists.org/bugtraq/2019/May/23
Debian Security Information: DSA-4442 (Google Search)
https://www.debian.org/security/2019/dsa-4442
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZP34D27RKYV2POJ3NJLSVCHUA5V5C45A/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6AATIHU32MYKUOXQDJQU4X4DDVL7NAY3/
https://lists.debian.org/debian-lts-announce/2019/05/msg00023.html
RedHat Security Advisories: RHSA-2019:0971
https://access.redhat.com/errata/RHSA-2019:0971
RedHat Security Advisories: RHSA-2019:1017
https://access.redhat.com/errata/RHSA-2019:1017
SuSE Security Announcement: openSUSE-SU-2019:2222 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00090.html
SuSE Security Announcement: openSUSE-SU-2019:2223 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00088.html
https://usn.ubuntu.com/3970-1/




© 1998-2024 E-Soft Inc. All rights reserved.