CVE-2019-10216

high

Description

In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas.

References

http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5b85ddd19

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10216

https://security.gentoo.org/glsa/202004-03

Details

Source: MITRE

Published: 2019-11-27

Updated: 2020-09-30

Risk Information

CVSS v2

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 7.8

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.8

Severity: HIGH

Tenable Plugins

| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 140881 | EulerOS 2.0 SP3 : ghostscript (EulerOS-SA-2020-2114) | Nessus | Huawei Local Security Checks | high |
| 136252 | EulerOS Virtualization for ARM 64 3.0.2.0 : ghostscript (EulerOS-SA-2020-1549) | Nessus | Huawei Local Security Checks | high |
| 135661 | EulerOS Virtualization 3.0.2.2 : ghostscript (EulerOS-SA-2020-1499) | Nessus | Huawei Local Security Checks | critical |
| 135114 | GLSA-202004-03 : GPL Ghostscript: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | critical |
| 133901 | EulerOS 2.0 SP5 : ghostscript (EulerOS-SA-2020-1100) | Nessus | Huawei Local Security Checks | high |
| 132453 | NewStart CGSL CORE 5.05 / MAIN 5.05 : ghostscript Multiple Vulnerabilities (NS-SA-2019-0250) | Nessus | NewStart CGSL Local Security Checks | critical |
| 131503 | EulerOS Virtualization for ARM 64 3.0.3.0 : ghostscript (EulerOS-SA-2019-2338) | Nessus | Huawei Local Security Checks | high |
| 130273 | Artifex Ghostscript < 9.50 Multiple Vulnerabilities | Nessus | Windows | critical |
| 129908 | NewStart CGSL CORE 5.04 / MAIN 5.04 : ghostscript Multiple Vulnerabilities (NS-SA-2019-0203) | Nessus | NewStart CGSL Local Security Checks | critical |
| 129435 | EulerOS 2.0 SP8 : ghostscript (EulerOS-SA-2019-2076) | Nessus | Huawei Local Security Checks | high |
| 129336 | openSUSE Security Update : ghostscript (openSUSE-2019-2160) | Nessus | SuSE Local Security Checks | high |
| 128869 | openSUSE Security Update : ghostscript (openSUSE-2019-2139) | Nessus | SuSE Local Security Checks | high |
| 128678 | SUSE SLED15 / SLES15 Security Update : ghostscript (SUSE-SU-2019:2348-1) | Nessus | SuSE Local Security Checks | high |
| 128677 | SUSE SLED12 / SLES12 Security Update : ghostscript (SUSE-SU-2019:2347-1) | Nessus | SuSE Local Security Checks | high |
| 128273 | Scientific Linux Security Update : ghostscript on SL7.x x86_64 (20190812) | Nessus | Scientific Linux Local Security Checks | high |
| 128041 | Fedora 30 : ghostscript (2019-93e0145607) | Nessus | Fedora Local Security Checks | high |
| 128039 | Fedora 29 : ghostscript (2019-22f1c93255) | Nessus | Fedora Local Security Checks | high |
| 127980 | Oracle Linux 8 : ghostscript (ELSA-2019-2465) | Nessus | Oracle Linux Local Security Checks | high |
| 127979 | Oracle Linux 7 : ghostscript (ELSA-2019-2462) | Nessus | Oracle Linux Local Security Checks | high |
| 127862 | Debian DLA-1880-1 : ghostscript security update | Nessus | Debian Local Security Checks | high |
| 127840 | Ubuntu 16.04 LTS / 18.04 LTS / 19.04 : Ghostscript vulnerability (USN-4092-1) | Nessus | Ubuntu Local Security Checks | high |
| 127832 | RHEL 8 : ghostscript (RHSA-2019:2465) | Nessus | Red Hat Local Security Checks | high |
| 127831 | RHEL 7 : ghostscript (RHSA-2019:2462) | Nessus | Red Hat Local Security Checks | high |
| 127823 | Debian DSA-4499-1 : ghostscript - security update | Nessus | Debian Local Security Checks | high |