CVE-2019-3835
Advisory lineage Upstream: 0 Downstream: 14
Modified
Published: 25 Mar 2019, 18:30
Last modified:04 Aug 2024, 19:19
Vulnerability Summary
Overall Risk (default)
medium
30/100 CVSS Score
7.3 HIGH
v3.0 (cve.org)
EPSS Score
1.64% LOW
2% probability -0.03%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
25 Mar 2019, 18:30
Published
Vulnerability first disclosed
04 Aug 2024, 19:19
Last Modified
Vulnerability information updated
Description
It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER.
CVSS Metrics
- v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
- v3.0•HIGH•Score: 7.3CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
- v2.0•MEDIUM•Score: 4.3AV:N/AC:M/Au:N/C:P/I:N/A:N
EPSS Trends
Current EPSS score: 1.64%• Percentile: 82%
Techniques & Countermeasures
- CWE-862•Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
- CWE-648•Incorrect Use of Privileged APIs
The product does not conform to the API requirements for a function call that requires extra privileges. This could allow attackers to gain privileges by causing the function to be called incorrectly.
Affected Systems
- Unknown•Ghostscript
< 9.27
- debian•debian_linux
8.0 | 9.0
- fedoraproject•fedora
28 | 29 | 30
- opensuse•leap
15.0 | 15.1
- redhat•ansible_tower
3.3
- redhat•enterprise_linux_desktop
7.0
- redhat•enterprise_linux_server
7.0
- redhat•enterprise_linux_server_aus
7.6
- redhat•enterprise_linux_server_eus
7.6
- redhat•enterprise_linux_server_tus
7.6
- redhat•enterprise_linux_workstation
7.0
- the ghostscript project•ghostscript
9.27
References (16)
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3835
- https://bugs.ghostscript.com/show_bug.cgi?id=700585
- https://access.redhat.com/errata/RHSA-2019:0652
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVERLGEU3OV6RNZ2SIBXREWD3BF5H23N/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ANBSCZABXQUEQWIKNWJ35IYX24M227EI/
- https://seclists.org/bugtraq/2019/Apr/4
- http://packetstormsecurity.com/files/152367/Slackware-Security-Advisory-ghostscript-Updates.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A43SRQAEHQCKSEMIBINHUNIGHTDCZD7F/
- https://www.debian.org/security/2019/dsa-4432
- https://seclists.org/bugtraq/2019/Apr/28
- http://www.securityfocus.com/bid/107855
- https://lists.debian.org/debian-lts-announce/2019/04/msg00021.html
- https://access.redhat.com/errata/RHSA-2019:0971
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00090.html
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00088.html
- https://security.gentoo.org/glsa/202004-03