CVE-2019-3839

MEDIUM

Description

It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. Ghostscript versions before 9.27 are vulnerable.

References

http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4ec9ca74bed49f2a82acb4bf430eae0d8b3b75c9

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00088.html

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00090.html

https://access.redhat.com/errata/RHSA-2019:0971

https://access.redhat.com/errata/RHSA-2019:1017

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3839

https://lists.debian.org/debian-lts-announce/2019/05/msg00023.html

https://lists.fedoraproject.org/archives/list/[email protected]/message/6AATIHU32MYKUOXQDJQU4X4DDVL7NAY3/

https://lists.fedoraproject.org/archives/list/[email protected]/message/ZP34D27RKYV2POJ3NJLSVCHUA5V5C45A/

https://seclists.org/bugtraq/2019/May/23

https://usn.ubuntu.com/3970-1/

https://www.debian.org/security/2019/dsa-4442

Details

Source: MITRE

Published: 2019-05-16

Updated: 2019-05-30

Type: CWE-264

Risk Information

CVSS v2.0

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.8

Severity: HIGH

Tenable Plugins

View all (23 total)

ID	Name	Product	Family	Severity
129601	Fedora 31 : ghostscript (2019-0a9d525d71)	Nessus	Fedora Local Security Checks	high
129483	openSUSE Security Update : ghostscript (openSUSE-2019-2223)	Nessus	SuSE Local Security Checks	high
129482	openSUSE Security Update : ghostscript (openSUSE-2019-2222)	Nessus	SuSE Local Security Checks	high
129423	Fedora 29 : ghostscript (2019-ebd6c4f15a)	Nessus	Fedora Local Security Checks	high
129404	SUSE SLED12 / SLES12 Security Update : ghostscript (SUSE-SU-2019:2478-1)	Nessus	SuSE Local Security Checks	high
129381	SUSE SLED15 / SLES15 Security Update : ghostscript (SUSE-SU-2019:2460-1)	Nessus	SuSE Local Security Checks	high
129323	Fedora 30 : ghostscript (2019-953fc0f16d)	Nessus	Fedora Local Security Checks	high
129224	EulerOS 2.0 SP3 : ghostscript (EulerOS-SA-2019-2031)	Nessus	Huawei Local Security Checks	medium
127568	Oracle Linux 8 : ghostscript (ELSA-2019-0971)	Nessus	Oracle Linux Local Security Checks	medium
127300	NewStart CGSL CORE 5.05 / MAIN 5.05 : ghostscript Vulnerability (NS-SA-2019-0085)	Nessus	NewStart CGSL Local Security Checks	medium
127293	NewStart CGSL CORE 5.04 / MAIN 5.04 : ghostscript Vulnerability (NS-SA-2019-0081)	Nessus	NewStart CGSL Local Security Checks	medium
126858	EulerOS 2.0 SP2 : ghostscript (EulerOS-SA-2019-1731)	Nessus	Huawei Local Security Checks	medium
125631	Artifex Ghostscript < 9.27 PostScript Security Bypass Vulnerability	Nessus	Windows	medium
125565	EulerOS Virtualization for ARM 64 3.0.2.0 : ghostscript (EulerOS-SA-2019-1613)	Nessus	Huawei Local Security Checks	medium
125503	EulerOS 2.0 SP5 : ghostscript (EulerOS-SA-2019-1576)	Nessus	Huawei Local Security Checks	medium
125286	Virtuozzo 7 : ghostscript / ghostscript-cups / ghostscript-devel / etc (VZLSA-2019-1017)	Nessus	Virtuozzo Local Security Checks	medium
125106	Oracle Linux 7 : ghostscript (ELSA-2019-1017)	Nessus	Oracle Linux Local Security Checks	medium
124871	CentOS 7 : ghostscript (CESA-2019:1017)	Nessus	CentOS Local Security Checks	medium
124780	Debian DSA-4442-1 : ghostscript - security update	Nessus	Debian Local Security Checks	medium
124717	Ubuntu 16.04 LTS / 18.04 LTS / 18.10 / 19.04 : ghostscript vulnerability (USN-3970-1)	Nessus	Ubuntu Local Security Checks	medium
124704	Scientific Linux Security Update : ghostscript on SL7.x x86_64 (20190507)	Nessus	Scientific Linux Local Security Checks	medium
124690	RHEL 7 : ghostscript (RHSA-2019:1017)	Nessus	Red Hat Local Security Checks	medium
124664	RHEL 8 : ghostscript (RHSA-2019:0971)	Nessus	Red Hat Local Security Checks	medium