What is CVE-2018-16509?

CVE-2018-16509 is a vulnerability in N/a. Published 2018-09-05.

Is CVE-2018-16509 known to be exploited?

50 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2018-16509

An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "…

EPSS: 0.918 (99.7th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

git.ghostscript.com/ (x_refsource_MISC)
45369 (exploit, x_refsource_EXPLOIT-DB)
bugs.ghostscript.com/show_bug.cgi (x_refsource_MISC)
RHSA-2018:2918 (x_refsource_REDHAT, vendor-advisory)
git.ghostscript.com/ (x_refsource_MISC)
GLSA-201811-12 (vendor-advisory, x_refsource_GENTOO)
USN-3768-1 (x_refsource_UBUNTU, vendor-advisory)
www.artifex.com/news/ghostscript-security-resolved/ (x_refsource_MISC)
RHSA-2018:3760 (x_refsource_REDHAT, vendor-advisory)
seclists.org/oss-sec/2018/q3/142 (x_refsource_MISC)

Frequently asked questions

What is CVE-2018-16509?: CVE-2018-16509 is a vulnerability in N/a. Published 2018-09-05.
Is CVE-2018-16509 known to be exploited?: 50 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.