CVE-2019-3835 - Improper Access Control

Severity

43%

Complexity

86%

Confidentiality

48%

It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER.

It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER.

CVSS 3.0 Base Score 5.5. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N).

CVSS 2.0 Base Score 4.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N).

Overview

First reported 5 years ago

2019-03-25 19:29:00

Last updated 5 years ago

2019-05-07 07:29:00

Affected Software

Artifex Ghostscript

Red Hat Ansible Tower 3.3

3.3

RedHat Enterprise Linux Desktop 7.0

7.0

RedHat Enterprise Linux Server 7.0

7.0

Red Hat Enterprise Linux Server Advanced mission critical Update Support (AUS) 7.6

7.6

Red Hat Enterprise Linux Server Extended Update Support (EUS) 7.6

7.6

Red Hat Enterprise Linux Server Telecommunications Update Service (TUS) 7.6

7.6

RedHat Enterprise Linux Workstation 7.0

7.0

Fedora 28

28

Fedora 29

29

Fedora 30

30

Debian Linux 8.0 (Jessie)

8.0

Debian Linux 9.0

9.0

References

openSUSE-SU-2019:2223

openSUSE-SU-2019:2222

http://packetstormsecurity.com/files/152367/Slackware-Security-Advisory-ghostscript-Updates.html

Third Party Advisory, VDB Entry

107855

Third Party Advisory, VDB Entry

RHSA-2019:0652

Third Party Advisory

RHSA-2019:0971

https://bugs.ghostscript.com/show_bug.cgi?id=700585

Permissions Required, Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3835

Issue Tracking, Third Party Advisory

[debian-lts-announce] 20190423 [SECURITY] [DLA 1761-1] ghostscript security update

Mailing List, Third Party Advisory

FEDORA-2019-9f28451404

Mailing List, Release Notes, Third Party Advisory

FEDORA-2019-1a2c059afd

Mailing List, Release Notes, Third Party Advisory

FEDORA-2019-d5d9cfd359

Mailing List, Release Notes, Third Party Advisory

20190417 [SECURITY] [DSA 4432-1] ghostscript security update

Mailing List, Third Party Advisory

20190402 [slackware-security] ghostscript (SSA:2019-092-01)

Mailing List, Third Party Advisory

GLSA-202004-03

DSA-4432

Third Party Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.