CVE-2018-16802 Information

Feb 14, 2021 cve

Description

An issue was discovered in Artifex Ghostscript before 9.25. Incorrect \restoration of privilege\ checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute code using the \pipe\ instruction. This is due to an incomplete fix for CVE-2018-16509.

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Reference

http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=3e5d316b72e3965b7968bb1d96baa137cd063ac6 http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=643b24dbd002fb9c131313253c307cf3951b3d47 https://access.redhat.com/errata/RHSA-2018:3834 https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5812b1b78fc4d36fdc293b7859de69241140d590 https://lists.debian.org/debian-lts-announce/2018/09/msg00015.html https://seclists.org/oss-sec/2018/q3/228 https://seclists.org/oss-sec/2018/q3/229 https://security.gentoo.org/glsa/201811-12 https://usn.ubuntu.com/3768-1/ https://www.debian.org/security/2018/dsa-4294

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

7.8

Share on: