公告ID: KYLIN-2019-6116
安全等级: 重要
产品: Kylin V3
发布日期: 2019年1月23日
CVE: CVE-2019-6116
CVSS3评分: 7.3
概述:
None 描述:
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. It was found that ghostscript could leak sensitive operators on the operand stack when a pseudo-operator pushes a subroutine. A specially crafted PostScript file could use this flaw to escape the -dSAFER protection in order to, for example, have access to the file system and execute commands. 系统版本:
KYLIN 3.0.x
KYLIN 3.2.x
KYLIN 3.3.x
受影响包列表:
ghostscript
ghostscript
ghostscript