CVE-2019-14813: A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling…

critical9.8CVSS 3.1

AVNACLPRNUINSUCHIHAH

A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.

Affected

27 ranges· showing 25

Vendor	Product	Version range	Fixed in
artifex	ghostscript	>= 0 < 9.28~~rc2~dfsg-1	9.28~~rc2~dfsg-1
artifex	ghostscript	>= 0 < 9.28~~rc2~dfsg-1	9.28~~rc2~dfsg-1
artifex	ghostscript	>= 0 < 9.28~~rc2~dfsg-1	9.28~~rc2~dfsg-1
artifex	ghostscript	>= 0 < 9.28~~rc2~dfsg-1	9.28~~rc2~dfsg-1
artifex	ghostscript	>= 0 < 9.26~dfsg+0-0ubuntu0.16.04.11	9.26~dfsg+0-0ubuntu0.16.04.11
artifex	ghostscript	>= 0 < 9.26~dfsg+0-0ubuntu0.18.04.11	9.26~dfsg+0-0ubuntu0.18.04.11
artifex	ghostscript	9.00 – 9.50	—
artifex_software	ghostscript	—	—
debian	debian_linux	—	—
debian	debian_linux	—	—
debian	debian_linux	—	—
debian	ghostscript	< ghostscript 9.28~~rc2~dfsg-1 (bookworm)	ghostscript 9.28~~rc2~dfsg-1 (bookworm)
fedoraproject	fedora	—	—
fedoraproject	fedora	—	—
fedoraproject	fedora	—	—
opensuse	leap	—	—
opensuse	leap	—	—
redhat	enterprise_linux	—	—
redhat	enterprise_linux	—	—
redhat	enterprise_linux_desktop	—	—
redhat	enterprise_linux_server	—	—
redhat	enterprise_linux_server_aus	—	—
redhat	enterprise_linux_server_eus	—	—
redhat	enterprise_linux_server_tus	—	—
redhat	enterprise_linux_workstation	—	—

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

osv9.8CRITICAL