CVE Vulnerabilities

CVE-2018-17183

Published: Sep 19, 2018 | Modified: Nov 21, 2024
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
7.5 IMPORTANT
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Ubuntu
MEDIUM

Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code.

Affected Software

Name Vendor Start Version End Version
Ghostscript Artifex * 9.25 (excluding)
Ubuntu_linux Canonical 14.04 (including) 14.04 (including)
Ubuntu_linux Canonical 16.04 (including) 16.04 (including)
Ubuntu_linux Canonical 18.04 (including) 18.04 (including)
Debian_linux Debian 8.0 (including) 8.0 (including)
Red Hat Enterprise Linux 7 RedHat ghostscript-0:9.07-31.el7_6.6 *
Ghostscript Ubuntu bionic *
Ghostscript Ubuntu trusty *
Ghostscript Ubuntu upstream *
Ghostscript Ubuntu xenial *

References