Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2018-1430)

Information

Severity

Severity

Critical

Family

Family

Huawei EulerOS Local Security Checks

CVSSv2 Base

CVSSv2 Base

9.3

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

4 years ago

Modified

Modified

4 years ago

Summary

The remote host is missing an update for the Huawei EulerOS 'ghostscript' package(s) announced via the EulerOS-SA-2018-1430 advisory.

Insight

Insight

ghostscript: /invalidaccess bypass after failed restore.(CVE-2018-16509) ghostscript: LockDistillerParams type confusion.(CVE-2018-15910) ghostscript: definemodifiedfont memory corruption if /typecheck is handled.(CVE-2018-16542) ghostscript: Stack-based out-of-bounds write in pdf_set_text_matrix function in gdevpdts.c (CVE-2018-10194) ghostscript: incorrect free logic in pagedevice replacement.(CVE-2018-16541) ghostscript:se-after-free in copydevice handling.(CVE-2018-16540) ghostscript:gssetresolution and gsgetresolution memory corruption.(CVE-2018-16543)

Affected Software

Affected Software

'ghostscript' package(s) on Huawei EulerOS V2.0SP2.

Detection Method

Detection Method

Checks if a vulnerable package version is present on the target host.

Solution

Solution

Please install the updated package(s).