In Artifex Ghostscript before 9.26, a carefully crafted PDF file can trigger an extremely long running computation when parsing the file.
References
Link | Resource |
---|---|
http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=0a7e5a1c309fa0911b892fa40996a7d55d90bace | |
http://www.securityfocus.com/bid/106445 | Third Party Advisory VDB Entry |
https://bugs.ghostscript.com/show_bug.cgi?id=699856 | Issue Tracking Permissions Required Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=1655607 | Issue Tracking Patch Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2018/12/msg00019.html | Third Party Advisory |
https://www.ghostscript.com/doc/9.26/History9.htm | Release Notes |
Configurations
History
No history.
Information
Published : 2019-01-02 18:29
Updated : 2024-02-04 20:03
NVD link : CVE-2018-19478
Mitre link : CVE-2018-19478
CVE.ORG link : CVE-2018-19478
JSON object : View
Products Affected
debian
- debian_linux
artifex
- ghostscript
CWE
CWE-20
Improper Input Validation