Ghostscript Multiple Security Bypass Vulnerabilities

Bugtraq ID: 105122
Class: Input Validation Error
CVE: CVE-2018-16509
CVE-2018-15910
CVE-2018-15911
Remote: Yes
Local: No
Published: Aug 21 2018 12:00AM
Updated: Apr 26 2019 11:00AM
Credit: Tavis Ormandy.
Vulnerable: Synology Router Manager 1.1
Synology Diskstation Manager 6.2
Synology Diskstation Manager 6.1
Synology Diskstation Manager 5.2
Redhat Enterprise Linux 7
Redhat Enterprise Linux 6
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Redhat Enterprise Linux 5
Pulse Secure Pulse Connect Secure 9.0R3
Pulse Secure Pulse Connect Secure 9.0R2
Pulse Secure Pulse Connect Secure 9.0R1
Pulse Secure Pulse Connect Secure 8.3R7
Pulse Secure Pulse Connect Secure 8.3R6
Pulse Secure Pulse Connect Secure 8.3R5
Pulse Secure Pulse Connect Secure 8.3R4
Pulse Secure Pulse Connect Secure 8.3R1
Pulse Secure Pulse Connect Secure 8.3 R1
Pulse Secure Pulse Connect Secure 8.2R6
Pulse Secure Pulse Connect Secure 8.2R5
Pulse Secure Pulse Connect Secure 8.2R11
Pulse Secure Pulse Connect Secure 8.2R10
Pulse Secure Pulse Connect Secure 8.2R1.1
Pulse Secure Pulse Connect Secure 8.2R1
Pulse Secure Pulse Connect Secure 8.2R0
Oracle Linux 7
ImageMagick ImageMagick 0
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Workstation 7.0
GNOME Evince 0
GIMP GIMP 0
Ghostscript Ghostscript 8.15.2
Ghostscript Ghostscript 8.0.1
Ghostscript Ghostscript 9.23
Ghostscript Ghostscript 9.20
Ghostscript Ghostscript 9.19
Ghostscript Ghostscript 9.18
Ghostscript Ghostscript 9.10
Ghostscript Ghostscript 9.05
Ghostscript Ghostscript 9.04
Ghostscript Ghostscript 8.71
Ghostscript Ghostscript 8.70
Ghostscript Ghostscript 8.64
Ghostscript Ghostscript 8.61
Ghostscript Ghostscript 8.60
Ghostscript Ghostscript 8.57
Ghostscript Ghostscript 8.56
Ghostscript Ghostscript 8.54
Ghostscript Ghostscript 8.15
Ghostscript Ghostscript 8 64
Ghostscript Ghostscript 7.07
Ghostscript Ghostscript 7.05
Ghostscript Ghostscript 0
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
+ Debian Linux 4.0 sparc
+ Debian Linux 4.0 s/390
+ Debian Linux 4.0 powerpc
+ Debian Linux 4.0 mipsel
+ Debian Linux 4.0 mips
+ Debian Linux 4.0 m68k
+ Debian Linux 4.0 ia-64
+ Debian Linux 4.0 ia-32
+ Debian Linux 4.0 hppa
+ Debian Linux 4.0 arm
+ Debian Linux 4.0 amd64
+ Debian Linux 4.0 alpha
+ Debian Linux 4.0
CubeSoft CubePDF 1.0.0 RC 12
CubeSoft CubePDF 1.0.0
Not Vulnerable: Pulse Secure Pulse Connect Secure 9.0R4
Pulse Secure Pulse Connect Secure 9.0R3.4
Pulse Secure Pulse Connect Secure 8.3R7.1
Pulse Secure Pulse Connect Secure 8.2R12.1
Ghostscript Ghostscript 9.24
+ CubeSoft CubePDF 1.0 RC 13
CubeSoft CubePDF 1.0 RC 13


 

Privacy Statement
Copyright 2010, SecurityFocus