VYPR
Unrated severityNVD Advisory· Published Dec 20, 2018· Updated Aug 5, 2024

CVE-2018-19134

CVE-2018-19134

Description

In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue because of failure to check whether the Implementation of a pattern dictionary was a structure type.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Artifex/Ghostscriptinferred2 versions
    <=9.25+ 1 more
    • (no CPE)range: <=9.25
    • (no CPE)range: <=9.25

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.