CVE-2018-15911

MEDIUM

Description

In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execute code.

References

http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=8e9ce5016db968b40e4ec255a3005f2786cce45f

http://www.securityfocus.com/bid/105122

https://access.redhat.com/errata/RHSA-2018:3834

https://bugs.ghostscript.com/show_bug.cgi?id=699665

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101

https://lists.debian.org/debian-lts-announce/2018/09/msg00015.html

https://security.gentoo.org/glsa/201811-12

https://usn.ubuntu.com/3768-1/

https://www.debian.org/security/2018/dsa-4288

https://www.kb.cert.org/vuls/id/332928

Details

Source: MITRE

Published: 2018-08-28

Updated: 2019-04-25

Type: CWE-119

Risk Information

CVSS v2.0

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.8

Severity: HIGH

Vulnerable Software

ID	Name	Product	Family	Severity
127227	NewStart CGSL CORE 5.04 / MAIN 5.04 : ghostscript Multiple Vulnerabilities (NS-SA-2019-0046)	Nessus	NewStart CGSL Local Security Checks	high
124887	EulerOS Virtualization for ARM 64 3.0.1.0 : ghostscript (EulerOS-SA-2019-1384)	Nessus	Huawei Local Security Checks	high
124766	Pulse Connect Secure Multiple Vulnerabilities (SA44101)	Nessus	Misc.	high
123895	EulerOS Virtualization 2.5.4 : ghostscript (EulerOS-SA-2019-1209)	Nessus	Huawei Local Security Checks	high
123891	EulerOS Virtualization 2.5.3 : ghostscript (EulerOS-SA-2019-1205)	Nessus	Huawei Local Security Checks	high
123326	openSUSE Security Update : ghostscript (openSUSE-2019-759)	Nessus	SuSE Local Security Checks	high
122376	EulerOS 2.0 SP2 : ghostscript (EulerOS-SA-2019-1049)	Nessus	Huawei Local Security Checks	high
122169	EulerOS 2.0 SP3 : ghostscript (EulerOS-SA-2019-1022)	Nessus	Huawei Local Security Checks	high
121276	EulerOS Virtualization 2.5.1 : ghostscript (EulerOS-SA-2019-1016)	Nessus	Huawei Local Security Checks	high
120992	EulerOS 2.0 SP5 : ghostscript (EulerOS-SA-2019-1004)	Nessus	Huawei Local Security Checks	high
120572	Fedora 29 : ghostscript (2018-81ee973d7c)	Nessus	Fedora Local Security Checks	medium
120437	Fedora 28 : ghostscript (2018-56221eb24b)	Nessus	Fedora Local Security Checks	medium
120116	SUSE SLED15 / SLES15 Security Update : ghostscript (SUSE-SU-2018:2976-1)	Nessus	SuSE Local Security Checks	high
119901	EulerOS Virtualization 2.5.2 : ghostscript (EulerOS-SA-2018-1412)	Nessus	Huawei Local Security Checks	high
119883	Scientific Linux Security Update : ghostscript on SL7.x x86_64	Nessus	Scientific Linux Local Security Checks	high
119757	Oracle Linux 7 : ghostscript (ELSA-2018-3834)	Nessus	Oracle Linux Local Security Checks	high
119754	CentOS 7 : ghostscript (CESA-2018:3834)	Nessus	CentOS Local Security Checks	high
119736	RHEL 7 : ghostscript (RHSA-2018:3834)	Nessus	Red Hat Local Security Checks	high
119132	GLSA-201811-12 : GPL Ghostscript: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
118298	SUSE SLES12 Security Update : ghostscript (SUSE-SU-2018:2975-2)	Nessus	SuSE Local Security Checks	high
118043	Amazon Linux 2 : ghostscript (ALAS-2018-1088)	Nessus	Amazon Linux Local Security Checks	high
117980	openSUSE Security Update : ghostscript (openSUSE-2018-1123)	Nessus	SuSE Local Security Checks	high
117979	openSUSE Security Update : ghostscript (openSUSE-2018-1122)	Nessus	SuSE Local Security Checks	high
117901	SUSE SLED12 / SLES12 Security Update : ghostscript (SUSE-SU-2018:2975-1)	Nessus	SuSE Local Security Checks	high
117595	Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : ghostscript vulnerabilities (USN-3768-1)	Nessus	Ubuntu Local Security Checks	high
117487	Debian DLA-1504-1 : ghostscript security update	Nessus	Debian Local Security Checks	high
117459	Artifex Ghostscript Multiple Vulnerabilities	Nessus	Windows	high
117372	Fedora 27 : ghostscript (2018-28447b6f2e)	Nessus	Fedora Local Security Checks	medium
117369	Debian DSA-4288-1 : ghostscript - security update	Nessus	Debian Local Security Checks	medium
112281	FreeBSD : Ghostscript -- arbitrary code execution (30c0f878-b03e-11e8-be8a-0011d823eebd)	Nessus	FreeBSD Local Security Checks	medium