|
|
|||
| Rule General Information |
|---|
| Release Date: | 2022-01-25 | |
| Rule Name: | Artifex Software Ghostscript Remote Code Execution Vulnerability (CVE-2018-19475) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same. | |
| Impact: | An attacker can execute arbitrary code via a successful exploit in the context of the vulnerable software. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | SecurityFocusBID:106154 http://git.ghostscript.com/?p=ghostpdl.git a=commit h=3005fcb9bb160af199e761e03bc70a9f249a987e |
|
| Solutions |
|---|
| The vendor has released upgrade patches to fix vulnerabilities, please visit: https://www.ghostscript.com/doc/9.26/History9.htm#Version9.26 |