CVE-2018-16541
published 2018-09-05CVE-2018-16541: In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the…
medium5.5CVSS 3.0
AVLACLPRNUIRSUCNINAH
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| artifex | ghostscript | < 9.24 | 9.24 |
| artifex | ghostscript | >= 0 < 9.22~dfsg-3 | 9.22~dfsg-3 |
| artifex | ghostscript | >= 0 < 9.22~dfsg-3 | 9.22~dfsg-3 |
| artifex | ghostscript | >= 0 < 9.22~dfsg-3 | 9.22~dfsg-3 |
| artifex | ghostscript | >= 0 < 9.22~dfsg-3 | 9.22~dfsg-3 |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | ghostscript | < ghostscript 9.22~dfsg-3 (bookworm) | ghostscript 9.22~dfsg-3 (bookworm) |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_server_aus | — | — |
| redhat | enterprise_linux_server_eus | — | — |
| redhat | enterprise_linux_server_tus | — | — |
| redhat | enterprise_linux_workstation | — | — |
CVSS provenance
nvdv3.05.5MEDIUMCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv5.5MEDIUM