{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-09-10T00:00:00", "descriptions": [{"lang": "en", "value": "An issue was discovered in Artifex Ghostscript before 9.25. Incorrect \"restoration of privilege\" checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute code using the \"pipe\" instruction. This is due to an incomplete fix for CVE-2018-16509."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-12-18T10:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "[oss-security] 20180909 Re: Ghostscript 9.24 issues", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://seclists.org/oss-sec/2018/q3/228"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=5812b1b78fc4d36fdc293b7859de69241140d590"}, {"tags": ["x_refsource_MISC"], "url": "https://seclists.org/oss-sec/2018/q3/229"}, {"name": "GLSA-201811-12", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201811-12"}, {"name": "USN-3768-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3768-1/"}, {"name": "RHSA-2018:3834", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:3834"}, {"name": "DSA-4294", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2018/dsa-4294"}, {"name": "[debian-lts-announce] 20180913 [SECURITY] [DLA 1504-1] ghostscript security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00015.html"}, {"tags": ["x_refsource_MISC"], "url": "http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=643b24dbd002fb9c131313253c307cf3951b3d47"}, {"tags": ["x_refsource_MISC"], "url": "http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=3e5d316b72e3965b7968bb1d96baa137cd063ac6"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-16802", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in Artifex Ghostscript before 9.25. Incorrect \"restoration of privilege\" checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute code using the \"pipe\" instruction. This is due to an incomplete fix for CVE-2018-16509."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[oss-security] 20180909 Re: Ghostscript 9.24 issues", "refsource": "MLIST", "url": "https://seclists.org/oss-sec/2018/q3/228"}, {"name": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5812b1b78fc4d36fdc293b7859de69241140d590", "refsource": "CONFIRM", "url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5812b1b78fc4d36fdc293b7859de69241140d590"}, {"name": "https://seclists.org/oss-sec/2018/q3/229", "refsource": "MISC", "url": "https://seclists.org/oss-sec/2018/q3/229"}, {"name": "GLSA-201811-12", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201811-12"}, {"name": "USN-3768-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3768-1/"}, {"name": "RHSA-2018:3834", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3834"}, {"name": "DSA-4294", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4294"}, {"name": "[debian-lts-announce] 20180913 [SECURITY] [DLA 1504-1] ghostscript security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00015.html"}, {"name": "http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=643b24dbd002fb9c131313253c307cf3951b3d47", "refsource": "MISC", "url": "http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=643b24dbd002fb9c131313253c307cf3951b3d47"}, {"name": "http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=3e5d316b72e3965b7968bb1d96baa137cd063ac6", "refsource": "MISC", "url": "http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=3e5d316b72e3965b7968bb1d96baa137cd063ac6"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T10:32:53.992Z"}, "title": "CVE Program Container", "references": [{"name": "[oss-security] 20180909 Re: Ghostscript 9.24 issues", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://seclists.org/oss-sec/2018/q3/228"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=5812b1b78fc4d36fdc293b7859de69241140d590"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://seclists.org/oss-sec/2018/q3/229"}, {"name": "GLSA-201811-12", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201811-12"}, {"name": "USN-3768-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3768-1/"}, {"name": "RHSA-2018:3834", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:3834"}, {"name": "DSA-4294", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2018/dsa-4294"}, {"name": "[debian-lts-announce] 20180913 [SECURITY] [DLA 1504-1] ghostscript security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00015.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=643b24dbd002fb9c131313253c307cf3951b3d47"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=3e5d316b72e3965b7968bb1d96baa137cd063ac6"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-16802", "datePublished": "2018-09-10T16:00:00", "dateReserved": "2018-09-10T00:00:00", "dateUpdated": "2024-08-05T10:32:53.992Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:artifex:ghostscript:*:*:*:*:*:*:*:*", "matchCriteriaId": "88151EB9-3929-4D94-8890-166F14497C75", "versionEndExcluding": "9.25", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue was discovered in Artifex Ghostscript before 9.25. Incorrect \"restoration of privilege\" checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute code using the \"pipe\" instruction. This is due to an incomplete fix for CVE-2018-16509."}, {"lang": "es", "value": "Se ha descubierto un problema en versiones anteriores a la 9.25 de Artifex Ghostscript. La comprobaci\u00f3n incorrecta de \"restoration of privilege\" al quedarse sin pila durante el manejo de excepciones podr\u00eda ser empleada por atacantes que sean capaces de proporcionar PostScript manipulado para ejecutar c\u00f3digo mediante la instrucci\u00f3n \"pipe\". Esta vulnerabilidad existe debido a una soluci\u00f3n incompleta para CVE-2018-16509"}], "id": "CVE-2018-16802", "lastModified": "2023-11-07T02:53:56.210", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-09-10T16:29:00.950", "references": [{"source": "cve@mitre.org", "url": "http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=3e5d316b72e3965b7968bb1d96baa137cd063ac6"}, {"source": "cve@mitre.org", "url": "http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=643b24dbd002fb9c131313253c307cf3951b3d47"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:3834"}, {"source": "cve@mitre.org", "url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=5812b1b78fc4d36fdc293b7859de69241140d590"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00015.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://seclists.org/oss-sec/2018/q3/228"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://seclists.org/oss-sec/2018/q3/229"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201811-12"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3768-1/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2018/dsa-4294"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2018:3834", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "ghostscript-0:9.07-31.el7_6.6", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2018-12-17T00:00:00Z"}], "bugzilla": {"description": "ghostscript: Incorrect \"restoration of privilege\" checking when running out of stack during exception handling", "id": "1627959", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1627959"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.3", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "status": "verified"}, "cwe": "CWE-20", "details": ["An issue was discovered in Artifex Ghostscript before 9.25. Incorrect \"restoration of privilege\" checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute code using the \"pipe\" instruction. This is due to an incomplete fix for CVE-2018-16509."], "mitigation": {"lang": "en:us", "value": "Please refer to the \"Mitigation\" section of CVE-2018-16509 : https://access.redhat.com/security/cve/cve-2018-16509"}, "name": "CVE-2018-16802", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "ghostscript", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "ghostscript", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "ghostscript", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2018-09-12T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-16802\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-16802"], "statement": "This issue affects the versions of ghostscript as shipped with Red Hat Enterprise Linux 7. This issue did not affect the versions of ghostscript as shipped with Red Hat Enterprise Linux 5 and 6.", "threat_severity": "Important", "upstream_fix": "ghostscript 9.25"}