公告ID: KYLIN-2019-3838
安全等级: 重要
产品: Kylin V3
发布日期: 2019年3月21日
CVE: CVE-2019-3838
CVSS3评分: 7.3
概述:
None 描述:
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. It was found that the forceput operator could be extracted from the DefineResource method. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. 系统版本:
KYLIN 3.0.x
KYLIN 3.2.x
KYLIN 3.3.x
受影响包列表:
ghostscript
ghostscript
ghostscript