CVE-2018-16510
Last modified
CVE-2018-16510 is a vulnerability of currently unknown severity. An issue was discovered in Artifex Ghostscript before 9.24. Incorrect exec stack handling in the "CS" and "SC" PDF primitives could be used by remote attackers able to supply crafted PDFs to crash the interpreter or possibly have unspecified other impact.. EPSS estimates a 1.75% chance of exploitation in the next 30 days.
Description
An issue was discovered in Artifex Ghostscript before 9.24. Incorrect exec stack handling in the "CS" and "SC" PDF primitives could be used by remote attackers able to supply crafted PDFs to crash the interpreter or possibly have unspecified other impact.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Artifex | Ghostscript | < 9.24 |
| Canonical | Ubuntu Linux | 14.04 |
| Canonical | Ubuntu Linux | 16.04 |
| Canonical | Ubuntu Linux | 18.04 |
| Artifex | Gpl Ghostscript | < 9.26 |
References
- http://openwall.com/lists/oss-security/2018/08/27/4Issue Tracking, Mailing List, Patch, Third Party Advisory
- https://bugs.ghostscript.com/show_bug.cgi?id=699671Issue Tracking, Permissions Required
- https://security.gentoo.org/glsa/201811-12Third Party Advisory
- https://usn.ubuntu.com/3768-1/Third Party Advisory
- https://usn.ubuntu.com/3773-1/Third Party Advisory
- http://openwall.com/lists/oss-security/2018/08/27/4Issue Tracking, Mailing List, Patch, Third Party Advisory
- https://bugs.ghostscript.com/show_bug.cgi?id=699671Issue Tracking, Permissions Required
- https://security.gentoo.org/glsa/201811-12Third Party Advisory
- https://usn.ubuntu.com/3768-1/Third Party Advisory
- https://usn.ubuntu.com/3773-1/Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-16510?
How severe is CVE-2018-16510?
How do I fix CVE-2018-16510?
Are you affected by CVE-2018-16510?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST