In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execute code.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
History
No history.
Information
Published : 2018-08-28 04:29
Updated : 2024-11-21 03:51
NVD link : CVE-2018-15911
Mitre link : CVE-2018-15911
CVE.ORG link : CVE-2018-15911
JSON object : View
Products Affected
artifex
- gpl_ghostscript
- ghostscript
redhat
- enterprise_linux_workstation
- enterprise_linux_server_aus
- enterprise_linux_server_eus
- enterprise_linux_desktop
- enterprise_linux_server
- enterprise_linux_server_tus
debian
- debian_linux
canonical
- ubuntu_linux
pulsesecure
- pulse_connect_secure
CWE
CWE-908
Use of Uninitialized Resource