| CVE-2019-6116 |
AVG-860 |
High |
Yes |
Sandbox escape |
It was found that ghostscript could leak sensitive operators on the operand stack when a pseudo-operator pushes a subroutine. A specially crafted PostScript... |
| CVE-2019-3838 |
AVG-929 |
High |
Yes |
Sandbox escape |
It was found that the forceput operator could be extracted from the DefineResource method using methods similar to the ones described in CVE-2019-6116. A... |
| CVE-2019-3835 |
AVG-929 |
High |
Yes |
Sandbox escape |
It was found that the superexec operator was available in the internal dictionary. A specially crafted PostScript file could use this flaw in order to, for... |
| CVE-2018-18284 |
AVG-786 |
High |
Yes |
Sandbox escape |
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator. |
| CVE-2018-18073 |
AVG-786 |
High |
Yes |
Sandbox escape |
Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an... |
| CVE-2018-17961 |
AVG-786 |
High |
Yes |
Sandbox escape |
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. |
| CVE-2017-8291 |
AVG-256 |
High |
Yes |
Arbitrary command execution |
It was found that ghostscript did not properly validate the parameters passed to the .rsdparams and .eqproc functions. During its execution, a specially... |