7.8
CVE-2018-17183
- EPSS 1.83%
- Veröffentlicht 19.09.2018 15:29:19
- Zuletzt bearbeitet 21.11.2024 03:54:02
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Artifex ≫ Ghostscript Version < 9.25
Canonical ≫ Ubuntu Linux Version14.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts
Debian ≫ Debian Linux Version8.0
Redhat ≫ Enterprise Linux Desktop Version7.0
Redhat ≫ Enterprise Linux Server Version7.0
Redhat ≫ Enterprise Linux Server Aus Version7.6
Redhat ≫ Enterprise Linux Server Eus Version7.6
Redhat ≫ Enterprise Linux Server Tus Version7.6
Redhat ≫ Enterprise Linux Workstation Version7.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.83% | 0.761 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
https://access.redhat.com/errata/RHSA-2018:3834
https://usn.ubuntu.com/3773-1/
https://lists.debian.org/debian-lts-announce/2018/09/msg00038.html
http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=fb713b3818b52d8a6cf62c951eba2e1795ff9624
https://bugs.ghostscript.com/show_bug.cgi?id=699708