| In Artifex Ghostscript 9.23 prima 2018/08/24, un tipo confusione utilizzando l’operatore .shfill potrebbe essere utilizzato da malintenzionati in grado di fornire i file PostScript realizzato per mandare in crash l’interprete o potenzialmente eseguire codice. |
| http://www.securityfocus.com/bid/105178 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101 https://support.f5.com/csp/article/K24803507?utm_source=f5support&utm_medium=RSS https://security.gentoo.org/glsa/201811-12 http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=0b6cd1918e1ec4ffd087400a754a845180a4522b http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=e01e77a36cbb2e0277bc3a63852244bec41be0f6 https://www.kb.cert.org/vuls/id/332928 https://lists.debian.org/debian-lts-announce/2018/09/msg00015.html https://access.redhat.com/errata/RHSA-2018:3650 https://usn.ubuntu.com/3768-1/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15909 |
Vulnerabilità: CVE-2018-15909
