| 公告ID: |
KYLIN-2019-3835 |
| 安全等级: |
重要 |
| 产品: |
Kylin V3 |
| 发布日期: |
2019年3月21日 |
| CVE: |
CVE-2019-3835 |
| CVSS3评分: |
7.3 |
概述:
None
描述:
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
It was found that the superexec operator was available in the internal dictionary. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER.
系统版本:
KYLIN 3.0.x
KYLIN 3.2.x
KYLIN 3.3.x
受影响包列表:
ghostscript
ghostscript
ghostscript