CVE-2018-19475
Description
psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
63.587
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in Ghostscript 9.25 | Windows |
| PostScript and PDF interpreter (USN-3831-1) libgs9_9.26~dfsg+0-0ubuntu0.14.04.1_i386.deb | Linux |
| PostScript and PDF interpreter (USN-3831-1) libgs9_9.26~dfsg+0-0ubuntu0.14.04.1_amd64.deb | Linux |
| PostScript and PDF interpreter (USN-3831-1) libgs9_9.26~dfsg+0-0ubuntu0.16.04.1_i386.deb | Linux |
| PostScript and PDF interpreter (USN-3831-1) libgs9_9.26~dfsg+0-0ubuntu0.16.04.1_amd64.deb | Linux |
| PostScript and PDF interpreter (USN-3831-1) libgs9_9.26~dfsg+0-0ubuntu0.18.04.1_i386.deb | Linux |
| PostScript and PDF interpreter (USN-3831-1) libgs9_9.26~dfsg+0-0ubuntu0.18.04.1_amd64.deb | Linux |
| PostScript and PDF interpreter (USN-3831-1) libgs9_9.26~dfsg+0-0ubuntu0.18.10.1_i386.deb | Linux |
| PostScript and PDF interpreter (USN-3831-1) libgs9_9.26~dfsg+0-0ubuntu0.18.10.1_amd64.deb | Linux |
| PostScript and PDF interpreter (USN-3831-1) ghostscript_9.26~dfsg+0-0ubuntu0.14.04.1_i386.deb | Linux |
| PostScript and PDF interpreter (USN-3831-1) ghostscript_9.26~dfsg+0-0ubuntu0.14.04.1_amd64.deb | Linux |
| PostScript and PDF interpreter (USN-3831-1) ghostscript_9.26~dfsg+0-0ubuntu0.16.04.1_i386.deb | Linux |
| PostScript and PDF interpreter (USN-3831-1) ghostscript_9.26~dfsg+0-0ubuntu0.16.04.1_amd64.deb | Linux |
| PostScript and PDF interpreter (USN-3831-1) ghostscript_9.26~dfsg+0-0ubuntu0.18.04.1_i386.deb | Linux |
| PostScript and PDF interpreter (USN-3831-1) ghostscript_9.26~dfsg+0-0ubuntu0.18.04.1_amd64.deb | Linux |
| PostScript and PDF interpreter (USN-3831-1) ghostscript_9.26~dfsg+0-0ubuntu0.18.10.1_i386.deb | Linux |
| PostScript and PDF interpreter (USN-3831-1) ghostscript_9.26~dfsg+0-0ubuntu0.18.10.1_amd64.deb | Linux |
| ghostscript security update(DSA-4346-1) ghostscript_9.26~dfsg-0+deb9u1_i386.deb | Linux |
| ghostscript security update(DSA-4346-1) ghostscript_9.26~dfsg-0+deb9u1_amd64.deb | Linux |
| Ghostscript security update (CESA-2019:0229) ghostscript-9.07-31.el7_6.9.i686.rpm | Linux |
| Ghostscript security update (CESA-2019:0229) ghostscript-9.07-31.el7_6.9.x86_64.rpm | Linux |
| Ghostscript security update (CESA-2019:0229) ghostscript-doc-9.07-31.el7_6.9.noarch.rpm | Linux |
| Ghostscript security update (CESA-2019:0229) ghostscript-gtk-9.07-31.el7_6.9.x86_64.rpm | Linux |
| Ghostscript security update (CESA-2019:0229) ghostscript-cups-9.07-31.el7_6.9.x86_64.rpm | Linux |
| Ghostscript security update (CESA-2019:0229) ghostscript-devel-9.07-31.el7_6.9.i686.rpm | Linux |
| Ghostscript security update (CESA-2019:0229) ghostscript-devel-9.07-31.el7_6.9.x86_64.rpm | Linux |
| (RHSA-2019:0229) ghostscript security and bug fix update ghostscript-9.07-31.el7_6.9.i686.rpm | Linux |
| (RHSA-2019:0229) ghostscript security and bug fix update ghostscript-9.07-31.el7_6.9.x86_64.rpm | Linux |
| (RHSA-2019:0229) ghostscript security and bug fix update ghostscript-cups-9.07-31.el7_6.9.x86_64.rpm | Linux |
| (RHSA-2019:0229) ghostscript security and bug fix update ghostscript-devel-9.07-31.el7_6.9.i686.rpm | Linux |
| (RHSA-2019:0229) ghostscript security and bug fix update ghostscript-devel-9.07-31.el7_6.9.x86_64.rpm | Linux |
| (RHSA-2019:0229) ghostscript security and bug fix update ghostscript-doc-9.07-31.el7_6.9.noarch.rpm | Linux |
| (RHSA-2019:0229) ghostscript security and bug fix update ghostscript-gtk-9.07-31.el7_6.9.x86_64.rpm | Linux |
| (CESA-2019:0229) ghostscript security and bug fix update ghostscript-doc-9.07-31.el7_6.9.noarch.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234