|
Family: Red Hat Local Security Checks --> Category: infos
RHSA-2002-123: ghostscript Vulnerability Scan
Vulnerability Scan Summary Check for the version of the ghostscript packages
Detailed Explanation for this Vulnerability Test
Updated packages are available for GNU Ghostscript, which fix a
vulnerability found during PostScript interpretation.
Ghostscript is a program for displaying PostScript files or printing them
to non-PostScript printers.
An untrusted PostScript file can cause ghostscript to execute arbitrary
commands due to insufficient checking. Since GNU Ghostscript is often used
during the course of printing a document (and is run as user 'lp'), all
users should install these fixed packages.
The problem is fixed in the 6.53 source release of GNU Ghostscript, and the
fix has been backported and applied to the packages referenced by this
advisory.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2002-0363 to this issue.
Solution : http://rhn.redhat.com/errata/RHSA-2002-123.html
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|