It was discovered that the ghostscript did not properly validate the operands passed to the setcolor function. An attacker could possibly exploit this to bypass the -dSAFER protection and crash ghostscript or, possibly, execute arbitrary code in the ghostscript context via a specially crafted PostScript document.
Find out more about CVE-2018-16513 from the MITRE CVE dictionary dictionary and NIST NVD.
This issue did not affect the versions of ghostscript as shipped with Red Hat Enterprise Linux 5, 6, and 7.
NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.
| CVSS3 Base Score | 7.3 |
|---|---|
| CVSS3 Base Metrics | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
| Attack Vector | Network |
| Attack Complexity | Low |
| Privileges Required | None |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality | Low |
| Integrity Impact | Low |
| Availability Impact | Low |
| Platform | Package | State |
|---|---|---|
| Red Hat OpenShift Enterprise 3.2 | mediawiki | Not affected |
| Red Hat OpenShift Enterprise 3.1 | mediawiki | Not affected |
| Red Hat OpenShift Enterprise 3.0 | mediawiki | Not affected |
| Red Hat OpenShift Container Platform 3.9 | mediawiki | Not affected |
| Red Hat OpenShift Container Platform 3.7 | mediawiki | Not affected |
| Red Hat OpenShift Container Platform 3.6 | mediawiki | Not affected |
| Red Hat OpenShift Container Platform 3.5 | mediawiki | Not affected |
| Red Hat OpenShift Container Platform 3.4 | mediawiki | Not affected |
| Red Hat OpenShift Container Platform 3.3 | mediawiki | Not affected |
| Red Hat OpenShift Container Platform 3.11 | mediawiki | Not affected |
| Red Hat OpenShift Container Platform 3.10 | mediawiki | Not affected |
| Red Hat Enterprise Linux 7 | ghostscript | Not affected |
| Red Hat Enterprise Linux 6 | ghostscript | Not affected |
Please see https://bugzilla.redhat.com/show_bug.cgi?id=1619748#c3
Vulmon