7.8

CVE-2018-16543

In Artifex Ghostscript before 9.24, gssetresolution and gsgetresolution allow attackers to have an unspecified impact.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ArtifexGhostscript Version < 9.24
CanonicalUbuntu Linux Version14.04 SwEditionlts
CanonicalUbuntu Linux Version16.04 SwEditionlts
CanonicalUbuntu Linux Version18.04 SwEditionlts
DebianDebian Linux Version8.0
DebianDebian Linux Version9.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.27% 0.661
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://security.gentoo.org/glsa/201811-12
Third Party Advisory
https://usn.ubuntu.com/3768-1/
Third Party Advisory
https://www.debian.org/security/2018/dsa-4288
Third Party Advisory
http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=5b5536fa88a9e885032bc0df3852c3439399a5c0
https://bugs.ghostscript.com/show_bug.cgi?id=699670
Vendor Advisory
Issue Tracking
Permissions Required
https://lists.debian.org/debian-lts-announce/2018/09/msg00038.html
Third Party Advisory
Mailing List