CVE-2019-14811 - A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure wher

CVE-2019-14811

Summary

A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.

References

Vulnerable Configurations

cpe:2.3:a:artifex:ghostscript:-:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:-:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:8_64:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:8_64:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.00:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.00:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.01:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.01:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.02:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.02:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.04:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.04:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.05:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.05:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.06:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.06:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.07:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.07:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.09:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.09:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.10:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.10:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.14:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.14:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.15:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.15:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.16:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.16:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.18:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.18:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.19:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.19:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.20:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.20:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.21:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.21:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.22:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.22:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.23:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.23:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.24:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.24:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.25:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.25:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.26:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.26:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.27:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.27:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.28:*:*:*:*:*:*:*
cpe:2.3:a:artifex:ghostscript:9.28:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 16-10-2020 - 13:21)
Impact:
Exploitability:

CWE

CWE-863

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

redhat via4

advisories

rhsa
id RHBA-2019:2824
rhsa
id RHSA-2019:2594

rpms

ghostscript-0:9.25-2.el7_7.2
ghostscript-cups-0:9.25-2.el7_7.2
ghostscript-debuginfo-0:9.25-2.el7_7.2
ghostscript-doc-0:9.25-2.el7_7.2
ghostscript-gtk-0:9.25-2.el7_7.2
libgs-0:9.25-2.el7_7.2
libgs-devel-0:9.25-2.el7_7.2
ghostscript-0:9.25-2.el8_0.3
ghostscript-debuginfo-0:9.25-2.el8_0.3
ghostscript-debugsource-0:9.25-2.el8_0.3
ghostscript-doc-0:9.25-2.el8_0.3
ghostscript-gtk-debuginfo-0:9.25-2.el8_0.3
ghostscript-tools-dvipdf-0:9.25-2.el8_0.3
ghostscript-tools-fonts-0:9.25-2.el8_0.3
ghostscript-tools-printing-0:9.25-2.el8_0.3
ghostscript-x11-0:9.25-2.el8_0.3
ghostscript-x11-debuginfo-0:9.25-2.el8_0.3
libgs-0:9.25-2.el8_0.3
libgs-debuginfo-0:9.25-2.el8_0.3
libgs-devel-0:9.25-2.el8_0.3

refmap via4

bugtraq	20190910 [SECURITY] [DSA 4518-1] ghostscript security update
confirm	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14811
debian	DSA-4518
fedora	FEDORA-2019-0a9d525d71 FEDORA-2019-953fc0f16d FEDORA-2019-ebd6c4f15a
gentoo	GLSA-202004-03
mlist	[debian-lts-announce] 20190909 [SECURITY] [DLA 1915-1] ghostscript security update
suse	openSUSE-SU-2019:2222 openSUSE-SU-2019:2223

Last major update

16-10-2020 - 13:21

Published

03-09-2019 - 16:15

Last modified

16-10-2020 - 13:21