An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution.

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7103-1 advisory.

    It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use     this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary     code. (CVE-2024-46951, CVE-2024-46953, CVE-2024-46955, CVE-2024-46956)

    It was discovered that Ghostscript incorrectly handled parsing certain PDF files. An attacker could use     this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary     code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10. (CVE-2024-46952)

    It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use     this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly bypass file path     validation. This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2024-46954)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5808 advisory.

    - -------------------------------------------------------------------------     Debian Security Advisory DSA-5808-1                   security@debian.org     https://www.debian.org/security/                     Salvatore Bonaccorso     November 11, 2024                     https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package        : ghostscript     CVE ID         : CVE-2024-46951 CVE-2024-46952 CVE-2024-46953 CVE-2024-46955                      CVE-2024-46956

    Multiple security issues were discovered in Ghostscript, the GPL     PostScript/PDF interpreter, which could result in denial of service and     potentially the execution of arbitrary code if malformed document files     are processed.

    For the stable distribution (bookworm), these problems have been fixed in     version 10.0.0~dfsg-11+deb12u6.

    We recommend that you upgrade your ghostscript packages.

    For the detailed security status of ghostscript please refer to its     security tracker page at:
    https://security-tracker.debian.org/tracker/ghostscript

    Further information about Debian Security Advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3941-1 advisory.

    - CVE-2024-46951: Fixed arbitrary code execution via unchecked 'Implementation' pointer in 'Pattern' color     space (bsc#1232265).
    - CVE-2024-46953: Fixed integer overflow when parsing the page format results in path truncation, path     traversal, code execution (bsc#1232267).
    - CVE-2024-46956: Fixed arbitrary code execution via out of bounds data access in filenameforall     (bsc#1232270).
    - CVE-2024-46955: Fixed out of bounds read when reading color in 'Indexed' color space (bsc#1232269).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3942-1 advisory.

    - CVE-2024-46951: Fixed arbitrary code execution via unchecked 'Implementation' pointer in 'Pattern' color     space (bsc#1232265).
    - CVE-2024-46953: Fixed integer overflow when parsing the page format results in path truncation, path     traversal, code execution (bsc#1232267).
    - CVE-2024-46956: Fixed arbitrary code execution via out of bounds data access in filenameforall     (bsc#1232270).
    - CVE-2024-46955: Fixed out of bounds read when reading color in 'Indexed' color space (bsc#1232269).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
210776	Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : Ghostscript vulnerabilities (USN-7103-1)	Nessus	Ubuntu Local Security Checks	high
210742	Debian dsa-5808 : ghostscript - security update	Nessus	Debian Local Security Checks	high
210578	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ghostscript (SUSE-SU-2024:3941-1)	Nessus	SuSE Local Security Checks	high
210577	SUSE SLES12 Security Update : ghostscript (SUSE-SU-2024:3942-1)	Nessus	SuSE Local Security Checks	high

Detections

Analytics

CVE-2024-46956

high

Tenable Plugins

high

high

high

high