An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.
History

Thu, 14 Nov 2024 02:30:00 +0000

Type Values Removed Values Added
First Time appeared Debian
Debian debian Linux
Suse
Suse linux Enterprise High Performance Computing
Suse linux Enterprise Server
Suse linux Enterprise Server For Sap
CPEs cpe:2.3:a:artifex:ghostscript:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_high_performance_computing:12.0:sp5:*:*:-:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:sp5:*:*:-:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:sp5:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:sp5:*:*:ltss_extended_security:*:*:*
cpe:2.3:o:suse:linux_enterprise_server_for_sap:12:sp5:*:*:*:*:*:*
Vendors & Products Debian
Debian debian Linux
Suse
Suse linux Enterprise High Performance Computing
Suse linux Enterprise Server
Suse linux Enterprise Server For Sap

Tue, 12 Nov 2024 21:15:00 +0000

Type Values Removed Values Added
First Time appeared Artifex
Artifex ghostscript
CPEs cpe:2.3:a:artifex:ghostscript:10.04.0:*:*:*:*:*:*:*
Vendors & Products Artifex
Artifex ghostscript
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 12 Nov 2024 13:45:00 +0000

Type Values Removed Values Added
Title ghostscript: Arbitrary Code Execution in Artifex Ghostscript Pattern Color Space
Weaknesses CWE-824
References
Metrics threat_severity

None

cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

threat_severity

Moderate


Sun, 10 Nov 2024 21:15:00 +0000

Type Values Removed Values Added
Description An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-11-10T00:00:00

Updated: 2024-11-12T20:22:36.377Z

Reserved: 2024-09-16T00:00:00

Link: CVE-2024-46951

cve-icon Vulnrichment

Updated: 2024-11-12T20:22:22.755Z

cve-icon NVD

Status : Analyzed

Published: 2024-11-10T21:15:14.880

Modified: 2024-11-14T02:13:25.587

Link: CVE-2024-46951

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-11-10T00:00:00Z

Links: CVE-2024-46951 - Bugzilla