CVE-2018-19134
Advisory lineage Upstream: 0 Downstream: 5
Modified
Published: 20 Dec 2018, 22:00
Last modified:05 Aug 2024, 11:30
Vulnerability Summary
Overall Risk (default)
medium
41/100 CVSS Score
7.8 HIGH
v3.0 (nvd)
EPSS Score
1.31% LOW
1% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
1 found
Dark Web
Not detected
Timeline
20 Dec 2018, 22:00
Published
Vulnerability first disclosed
05 Aug 2024, 11:30
Last Modified
Vulnerability information updated
Description
In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue because of failure to check whether the Implementation of a pattern dictionary was a structure type.
CVSS Metrics
- v3.0•HIGH•Score: 7.8CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- v2.0•MEDIUM•Score: 6.8AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS Trends
Current EPSS score: 1.31%• Percentile: 80%
Techniques & Countermeasures
- CWE-704•Incorrect Type Conversion or Cast
The product does not correctly convert an object, resource, or structure from one type to a different type.
Affected Systems
- Unknown•Ghostscript
≤ 9.25
- debian•debian_linux
8.0
- redhat•enterprise_linux_desktop
7.0
- redhat•enterprise_linux_server
7.0
- redhat•enterprise_linux_server_aus
7.6
- redhat•enterprise_linux_server_eus
7.6
- redhat•enterprise_linux_workstation
7.0
References (7)
- https://access.redhat.com/errata/RHSA-2018:3834
- https://bugs.ghostscript.com/show_bug.cgi?id=700141
- http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=693baf02152119af6e6afd30bb8ec76d14f84bbf
- https://semmle.com/news/semmle-discovers-severe-vulnerability-ghostscript-postscript-pdf
- http://www.securityfocus.com/bid/106278
- https://lists.debian.org/debian-lts-announce/2018/12/msg00019.html
- https://www.ghostscript.com/doc/9.26/News.htm