Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2018-17961  

Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup.

Source
Severity High

Remote Yes

Type Sandbox escape

Description 

Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup.

AVG-786 ghostscript 9.25-3 9.25-4 High Fixed

06 Nov 2018 ASA-201811-3 AVG-786 ghostscript High sandbox escape 

https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a54c9e61e7d02bbc620bcba9b1c208462a876afb
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a5a9bf8c6a63aa4ac6874234fe8cd63e72077291
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a6807394bd94b708be24758287b606154daaaed9
https://www.openwall.com/lists/oss-security/2018/10/09/4
https://bugs.chromium.org/p/project-zero/issues/detail?id=1682&desc=2
https://bugs.ghostscript.com/show_bug.cgi?id=699816
https://lists.debian.org/debian-lts-announce/2018/10/msg00013.html
https://www.exploit-db.com/exploits/45573/

NOTE: this issue exists because of an incomplete fix for CVE-2018-17183.

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started