psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same.
Advisories
Source ID Title
Debian DLA Debian DLA DLA-1598-1 ghostscript security update
Debian DSA Debian DSA DSA-4346-1 ghostscript security update
Ubuntu USN Ubuntu USN USN-3831-1 Ghostscript vulnerabilities
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-05T11:37:11.442Z

Reserved: 2018-11-22T00:00:00

Link: CVE-2018-19475

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-11-23T05:29:03.763

Modified: 2024-11-21T03:57:59.320

Link: CVE-2018-19475

cve-icon Redhat

Severity : Important

Publid Date: 2018-11-20T00:00:00Z

Links: CVE-2018-19475 - Bugzilla

cve-icon OpenCVE Enrichment

No data.