Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.871814
Category:Red Hat Local Security Checks
Title:RedHat Update for ghostscript RHSA-2017:1230-01
Summary:The remote host is missing an update for the 'ghostscript'; package(s) announced via the referenced advisory.
Description:Summary:
The remote host is missing an update for the 'ghostscript'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The Ghostscript suite contains utilities
for rendering PostScript and PDF documents. Ghostscript translates PostScript
code to common bitmap formats so that the code can be displayed or printed.


Security Fix(es):


* It was found that ghostscript did not properly validate the parameters
passed to the .rsdparams and .eqproc functions. During its execution, a
specially crafted PostScript document could execute code in the context of
the ghostscript process, bypassing the -dSAFER protection. (CVE-2017-8291)

Affected Software/OS:
ghostscript on
Red Hat Enterprise Linux Desktop (v. 6),
Red Hat Enterprise Linux Server (v. 6),
Red Hat Enterprise Linux Server (v. 7),
Red Hat Enterprise Linux Workstation (v. 6)

Solution:
Please Install the Updated Packages.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2017-8291
BugTraq ID: 98476
http://www.securityfocus.com/bid/98476
Debian Security Information: DSA-3838 (Google Search)
http://www.debian.org/security/2017/dsa-3838
https://www.exploit-db.com/exploits/41955/
https://security.gentoo.org/glsa/201708-06
http://openwall.com/lists/oss-security/2017/04/28/2
https://bugs.ghostscript.com/show_bug.cgi?id=697808
https://bugzilla.redhat.com/show_bug.cgi?id=1446063
https://bugzilla.suse.com/show_bug.cgi?id=1036453
RedHat Security Advisories: RHSA-2017:1230
https://access.redhat.com/errata/RHSA-2017:1230
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.