Ghostscript Multiple Security Bypass Vulnerabilities

Bugtraq ID: 105122
Class: Input Validation Error
CVE: CVE-2018-16509
CVE-2018-15910
CVE-2018-15911
Remote: Yes
Local: No
Published: Aug 21 2018 12:00AM
Updated: Oct 29 2018 12:00PM
Credit: Tavis Ormandy.
Vulnerable: Synology Router Manager 1.1
Synology Diskstation Manager 6.2
Synology Diskstation Manager 6.1
Synology Diskstation Manager 5.2
Redhat Enterprise Linux 7
Redhat Enterprise Linux 6
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Redhat Enterprise Linux 5
Oracle Linux 7
ImageMagick ImageMagick 0
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Workstation 7.0
GNOME Evince 0
GIMP GIMP 0
Ghostscript Ghostscript 8.15.2
Ghostscript Ghostscript 8.0.1
Ghostscript Ghostscript 9.23
Ghostscript Ghostscript 9.20
Ghostscript Ghostscript 9.19
Ghostscript Ghostscript 9.18
Ghostscript Ghostscript 9.10
Ghostscript Ghostscript 9.05
Ghostscript Ghostscript 9.04
Ghostscript Ghostscript 8.71
Ghostscript Ghostscript 8.70
Ghostscript Ghostscript 8.64
Ghostscript Ghostscript 8.61
Ghostscript Ghostscript 8.60
Ghostscript Ghostscript 8.57
Ghostscript Ghostscript 8.56
Ghostscript Ghostscript 8.54
Ghostscript Ghostscript 8.15
Ghostscript Ghostscript 8 64
Ghostscript Ghostscript 7.07
Ghostscript Ghostscript 7.05
Ghostscript Ghostscript 0
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
+ Debian Linux 4.0 sparc
+ Debian Linux 4.0 s/390
+ Debian Linux 4.0 powerpc
+ Debian Linux 4.0 mipsel
+ Debian Linux 4.0 mips
+ Debian Linux 4.0 m68k
+ Debian Linux 4.0 ia-64
+ Debian Linux 4.0 ia-32
+ Debian Linux 4.0 hppa
+ Debian Linux 4.0 arm
+ Debian Linux 4.0 amd64
+ Debian Linux 4.0 alpha
+ Debian Linux 4.0
CubeSoft CubePDF 1.0.0 RC 12
CubeSoft CubePDF 1.0.0
Not Vulnerable: Ghostscript Ghostscript 9.24
CubeSoft CubePDF 1.0 RC 13


 

Privacy Statement
Copyright 2010, SecurityFocus