Vulnerability & Exploit Database

Displaying all 9 entries

Results for: CVE-2018-3760 Back to search

Huawei EulerOS: CVE-2018-16509: ghostscript security update Vulnerability

  • Severity: 9
  • Published: September 05, 2018

An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction.

Artifex Ghostscript: (CVE-2018-16509) Failed Restore Command Execution Vulnerability

  • Severity: 9
  • Published: September 05, 2018

An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction.

Gentoo Linux: CVE-2018-16509: GPL Ghostscript: Multiple vulnerabilities Vulnerability

  • Severity: 9
  • Published: September 05, 2018

An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction.

CentOS: (CVE-2018-16509) (Multiple Advisories): ghostscript Vulnerability

  • Severity: 9
  • Published: September 05, 2018

An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction.

SUSE: CVE-2018-3760: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: June 26, 2018

There is an information leak vulnerability in Sprockets. Versions Affected: 4.0.0.beta7 and lower, 3.7.1 and lower, 2.12.4 and lower. Specially crafted requests can be used to access files that exists on the filesystem that is outside an application's root directory, when the Sprockets server is used in production. All users running an a...

Debian: CVE-2018-3760: ruby-sprockets -- security update Vulnerability

  • Severity: 5
  • Published: June 26, 2018

There is an information leak vulnerability in Sprockets. Versions Affected: 4.0.0.beta7 and lower, 3.7.1 and lower, 2.12.4 and lower. Specially crafted requests can be used to access files that exists on the filesystem that is outside an application's root directory, when the Sprockets server is used in production. All users running an a...