CVE-2018-18073Sensitive Information Exposure in Ghostscript

CWE-200Sensitive Information ExposureCWE-460Improper Cleanup on Thrown Exception9 documents8 sources
Severity
6.3MEDIUMNVD
EPSS
0.3%
top 48.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
9
Artifex GhostscriptCanonical Ubuntu LinuxDebian Linux+6 more
Timeline
PublishedOct 15
Latest updateMay 13

Description

Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:NExploitability: 1.8 | Impact: 4.0

Affected Packages5 packages

Debianartifex/ghostscript< 9.25~dfsg-3+3

Also affects: Debian Linux 8.0, 9.0, Ubuntu Linux 14.04, 16.04, 18.04, 18.10, Enterprise Linux 7.6

Patches

Patch: www.openwall.comPatch: bugs.chromium.orgPatch: bugs.ghostscript.com

🔴Vulnerability Details

3
GHSA
GHSA-38q2-vj2m-g35p: Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack2022-05-13
CVEList
CVE-2018-18073: Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack2018-10-15
OSV
CVE-2018-18073: Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack2018-10-15

📋Vendor Advisories

3
Ubuntu
Ghostscript vulnerabilities2018-10-30
Red Hat
ghostscript: Saved execution stacks can leak operator arrays2018-10-09
Debian
CVE-2018-18073: ghostscript - Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by...2018

💬Community

2
Bugzilla
CVE-2018-18073 ghostscript: Saved execution stacks can leak operator arrays2018-10-24
Bugzilla
CVE-2018-18073 ghostscript: Saved execution stacks can leak operator arrays [fedora-all]2018-10-24
CVE-2018-18073 — Sensitive Information Exposure | cvebase