CVE-2018-15910
Description
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
4.834
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in Ghostscript 9.23 | Windows |
| PostScript and PDF interpreter (USN-3768-1) libgs9_9.10~dfsg-0ubuntu10.13_i386.deb | Linux |
| PostScript and PDF interpreter (USN-3768-1) libgs9_9.10~dfsg-0ubuntu10.13_amd64.deb | Linux |
| PostScript and PDF interpreter (USN-3768-1) libgs9_9.18~dfsg~0-0ubuntu2.9_i386.deb | Linux |
| PostScript and PDF interpreter (USN-3768-1) libgs9_9.18~dfsg~0-0ubuntu2.9_amd64.deb | Linux |
| PostScript and PDF interpreter (USN-3768-1) libgs9_9.22~dfsg+1-0ubuntu1.2_i386.deb | Linux |
| PostScript and PDF interpreter (USN-3768-1) libgs9_9.22~dfsg+1-0ubuntu1.2_amd64.deb | Linux |
| PostScript and PDF interpreter (USN-3768-1) ghostscript_9.10~dfsg-0ubuntu10.13_i386.deb | Linux |
| PostScript and PDF interpreter (USN-3768-1) ghostscript_9.10~dfsg-0ubuntu10.13_amd64.deb | Linux |
| PostScript and PDF interpreter (USN-3768-1) ghostscript_9.18~dfsg~0-0ubuntu2.9_i386.deb | Linux |
| PostScript and PDF interpreter (USN-3768-1) ghostscript_9.18~dfsg~0-0ubuntu2.9_amd64.deb | Linux |
| PostScript and PDF interpreter (USN-3768-1) ghostscript_9.22~dfsg+1-0ubuntu1.2_i386.deb | Linux |
| PostScript and PDF interpreter (USN-3768-1) ghostscript_9.22~dfsg+1-0ubuntu1.2_amd64.deb | Linux |
| ghostscript security update(DSA-4288-1) ghostscript_9.20~dfsg-3.2+deb9u4_i386.deb | Linux |
| ghostscript security update(DSA-4288-1) ghostscript_9.20~dfsg-3.2+deb9u4_amd64.deb | Linux |
| Ghostscript security update (CESA-2018:2918) ghostscript-doc-9.07-29.el7_5.2.noarch.rpm | Linux |
| (RHSA-2018:2918) ghostscript security update ghostscript-9.07-29.el7_5.2.i686.rpm | Linux |
| (RHSA-2018:2918) ghostscript security update ghostscript-9.07-29.el7_5.2.x86_64.rpm | Linux |
| (RHSA-2018:2918) ghostscript security update ghostscript-cups-9.07-29.el7_5.2.x86_64.rpm | Linux |
| (RHSA-2018:2918) ghostscript security update ghostscript-devel-9.07-29.el7_5.2.i686.rpm | Linux |
| (RHSA-2018:2918) ghostscript security update ghostscript-devel-9.07-29.el7_5.2.x86_64.rpm | Linux |
| (RHSA-2018:2918) ghostscript security update ghostscript-doc-9.07-29.el7_5.2.noarch.rpm | Linux |
| (RHSA-2018:2918) ghostscript security update ghostscript-gtk-9.07-29.el7_5.2.x86_64.rpm | Linux |
| SUSE-SU-2018:2975-1(SUSE Linux Enterprise Desktop 12-SP3 ) ghostscript-9.25-23.13.1.x86_64.rpm | Linux |
| SUSE-SU-2018:2975-1(SUSE Linux Enterprise Desktop 12-SP3 ) ghostscript-debuginfo-9.25-23.13.1.x86_64.rpm | Linux |
| SUSE-SU-2018:2975-1(SUSE Linux Enterprise Desktop 12-SP3 ) ghostscript-debugsource-9.25-23.13.1.x86_64.rpm | Linux |
| SUSE-SU-2018:2975-1(SUSE Linux Enterprise Desktop 12-SP3 ) ghostscript-x11-9.25-23.13.1.x86_64.rpm | Linux |
| SUSE-SU-2018:2975-1(SUSE Linux Enterprise Desktop 12-SP3 ) ghostscript-x11-debuginfo-9.25-23.13.1.x86_64.rpm | Linux |
| SUSE-SU-2018:3330-1(SUSE Linux Enterprise Server 11-SP4 ) ghostscript-fonts-other-8.62-32.47.13.1.i586.rpm | Linux |
| SUSE-SU-2018:3330-1(SUSE Linux Enterprise Server 11-SP4 ) ghostscript-fonts-other-8.62-32.47.13.1.x86_64.rpm | Linux |
| SUSE-SU-2018:3330-1(SUSE Linux Enterprise Server 11-SP4 ) ghostscript-fonts-rus-8.62-32.47.13.1.i586.rpm | Linux |
| SUSE-SU-2018:3330-1(SUSE Linux Enterprise Server 11-SP4 ) ghostscript-fonts-rus-8.62-32.47.13.1.x86_64.rpm | Linux |
| SUSE-SU-2018:3330-1(SUSE Linux Enterprise Server 11-SP4 ) ghostscript-fonts-std-8.62-32.47.13.1.i586.rpm | Linux |
| SUSE-SU-2018:3330-1(SUSE Linux Enterprise Server 11-SP4 ) ghostscript-fonts-std-8.62-32.47.13.1.x86_64.rpm | Linux |
| SUSE-SU-2018:3330-1(SUSE Linux Enterprise Server 11-SP4 ) ghostscript-library-8.62-32.47.13.1.i586.rpm | Linux |
| SUSE-SU-2018:3330-1(SUSE Linux Enterprise Server 11-SP4 ) ghostscript-library-8.62-32.47.13.1.x86_64.rpm | Linux |
| SUSE-SU-2018:3330-1(SUSE Linux Enterprise Server 11-SP4 ) ghostscript-omni-8.62-32.47.13.1.i586.rpm | Linux |
| SUSE-SU-2018:3330-1(SUSE Linux Enterprise Server 11-SP4 ) ghostscript-omni-8.62-32.47.13.1.x86_64.rpm | Linux |
| SUSE-SU-2018:3330-1(SUSE Linux Enterprise Server 11-SP4 ) ghostscript-x11-8.62-32.47.13.1.i586.rpm | Linux |
| SUSE-SU-2018:3330-1(SUSE Linux Enterprise Server 11-SP4 ) ghostscript-x11-8.62-32.47.13.1.x86_64.rpm | Linux |
| SUSE-SU-2018:3330-1(SUSE Linux Enterprise Server 11-SP4 ) libgimpprint-4.2.7-32.47.13.1.i586.rpm | Linux |
| SUSE-SU-2018:3330-1(SUSE Linux Enterprise Server 11-SP4 ) libgimpprint-4.2.7-32.47.13.1.x86_64.rpm | Linux |
| ghostscript Security Update (ALAS-2018-1088) ghostscript-devel-9.06-8.amzn2.0.5.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234