CVE-2019-14869

Name
CVE-2019-14869
Description
A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges within the Ghostscript and access files outside of restricted areas or execute commands.
NVD Severity
high
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14869
Mailing List http://www.openwall.com/lists/oss-security/2019/11/15/1
Permissions Required https://bugs.ghostscript.com/show_bug.cgi?id=701841
Patch https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=485904772c5f
Third Party Advisory https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IX55AEDERTDFEZAROKZW64MZRPLINEGI/
Issue Tracking https://seclists.org/bugtraq/2019/Nov/27
Third Party Advisory https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HC4REO73BEJOJAU7NHFHJECAUAYJUE3H/
Mailing List http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00049.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00050.html
Third Party Advisory https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2Q4E3OTDAJRSUCOBTDQO7Y5UTE2FFMLF/
Third Party Advisory https://access.redhat.com/errata/RHSA-2020:0222
Third Party Advisory http://jvn.jp/en/jp/JVN52486659/index.html

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:artifex:ghostscript:*:*:*:*:*:*:*:* ghostscript >= 9.00 < 9.50

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
ghostscript 3.10-main 9.27-r5 Cameron Banta <cbanta@gmail.com> fixed