{ "threat_severity" : "Important", "public_date" : "2019-08-28T12:00:00Z", "bugzilla" : { "description" : "ghostscript: Safer mode bypass by .forceput exposure in setsystemparams (701443)", "id" : "1743737", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1743737" }, "cvss3" : { "cvss3_base_score" : "7.3", "cvss3_scoring_vector" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "status" : "verified" }, "cwe" : "CWE-648", "details" : [ "A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.", "A flaw was found in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands." ], "acknowledgement" : "Red Hat would like to thank Artifex Software for reporting this issue. Upstream acknowledges Hiroki MATSUKUMA (Cyber Defense Institute) as the original reporter.", "affected_release" : [ { "product_name" : "3scale API Management 2.6 on RHEL 7", "release_date" : "2019-08-21T00:00:00Z", "advisory" : "RHSA-2019:2534", "cpe" : "cpe:/a:redhat:3scale_amp:2", "package" : "3scale-amp26/3scale-operator:1.9-7" }, { "product_name" : "3scale API Management 2.6 on RHEL 7", "release_date" : "2019-08-21T00:00:00Z", "advisory" : "RHSA-2019:2534", "cpe" : "cpe:/a:redhat:3scale_amp:2", "package" : "3scale-amp26/apicast-gateway:1.15-9" }, { "product_name" : "3scale API Management 2.6 on RHEL 7", "release_date" : "2019-08-21T00:00:00Z", "advisory" : "RHSA-2019:2534", "cpe" : "cpe:/a:redhat:3scale_amp:2", "package" : "3scale-amp26/backend:1.9-24" }, { "product_name" : "3scale API Management 2.6 on RHEL 7", "release_date" : "2019-08-21T00:00:00Z", "advisory" : "RHSA-2019:2534", "cpe" : "cpe:/a:redhat:3scale_amp:2", "package" : "3scale-amp26/operator:1.9-7" }, { "product_name" : "3scale API Management 2.6 on RHEL 7", "release_date" : "2019-08-21T00:00:00Z", "advisory" : "RHSA-2019:2534", "cpe" : "cpe:/a:redhat:3scale_amp:2", "package" : "3scale-amp26/toolbox:1.2-5" }, { "product_name" : "3scale API Management 2.6 on RHEL 7", "release_date" : "2019-08-21T00:00:00Z", "advisory" : "RHSA-2019:2534", "cpe" : "cpe:/a:redhat:3scale_amp:2", "package" : "3scale-amp26/zync:1.9-28" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2019-09-02T00:00:00Z", "advisory" : "RHSA-2019:2586", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "ghostscript-0:9.25-2.el7_7.2" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-09-02T00:00:00Z", "advisory" : "RHSA-2019:2591", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "ghostscript-0:9.25-2.el8_0.3" } ], "package_state" : [ { "product_name" : "Red Hat 3scale API Management Platform 2", "fix_state" : "Not affected", "package_name" : "ghostscript", "cpe" : "cpe:/a:redhat:red_hat_3scale_amp:2" }, { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Out of support scope", "package_name" : "ghostscript", "cpe" : "cpe:/o:redhat:enterprise_linux:5" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Out of support scope", "package_name" : "ghostscript", "cpe" : "cpe:/o:redhat:enterprise_linux:6" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2019-14813\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-14813" ], "name" : "CVE-2019-14813", "mitigation" : { "value" : "Please refer to the \"Mitigation\" section of CVE-2018-16509 : https://access.redhat.com/security/cve/cve-2018-16509", "lang" : "en:us" }, "csaw" : false }