Home CVE Database CVE-2018-16585

CVE-2018-16585

Description

An issue was discovered in Artifex Ghostscript before 9.24. The .setdistillerkeys PostScript command is accepted even though it is not intended for use during document processing (e.g., after the startup phase). This leads to memory corruption, allowing remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact.

Priority: MEDIUM
CVSS v3: 7.8
Publish Date: Sep 6, 2018
Related ID: --
CVSS v2: HIGH
Modified Date: Sep 9, 2018

Find out more about CVE-2018-16585 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Not Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --

Comments

ghostscript

Live chat
Online