What is the severity of CVE-2018-17183?

CVE-2018-17183 is classified as a high severity vulnerability due to the potential for remote code execution.

How do I fix CVE-2018-17183?

To fix CVE-2018-17183, update Ghostscript to version 9.26 or later.

Which versions of Ghostscript are affected by CVE-2018-17183?

CVE-2018-17183 affects Ghostscript versions prior to 9.26.

Can CVE-2018-17183 be exploited remotely?

Yes, CVE-2018-17183 can be exploited remotely by attackers who supply crafted PostScript.

What types of systems are vulnerable to CVE-2018-17183?

CVE-2018-17183 affects various systems running vulnerable versions of Ghostscript, including Red Hat and Debian installations.

Vulnerability/
CVE-2018-17183

high

7.8

19/9/2018

21/11/2024

CVE-2018-17183

First published: Wed Sep 19 2018(Updated: )

Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
redhat/ghostscript	<9.26	9.26
debian/ghostscript		9.53.3~dfsg-7+deb11u7 9.53.3~dfsg-7+deb11u9 10.0.0~dfsg-11+deb12u6 10.04.0~dfsg-2
Ghostscript	<9.25
Ubuntu	=14.04
Ubuntu	=16.04
Ubuntu	=18.04
Debian	=8.0
Red Hat Enterprise Linux Desktop	=7.0
Red Hat Enterprise Linux Server	=7.0
Red Hat Enterprise Linux Server	=7.6
Red Hat Enterprise Linux Server	=7.6
Red Hat Enterprise Linux Server	=7.6
Red Hat Enterprise Linux Workstation	=7.0

Remedy

http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=fb713b3818b52d8a6cf62c951eba2e1795ff9624

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2018-17183?
CVE-2018-17183 is classified as a high severity vulnerability due to the potential for remote code execution.
How do I fix CVE-2018-17183?
To fix CVE-2018-17183, update Ghostscript to version 9.26 or later.
Which versions of Ghostscript are affected by CVE-2018-17183?
CVE-2018-17183 affects Ghostscript versions prior to 9.26.
Can CVE-2018-17183 be exploited remotely?
Yes, CVE-2018-17183 can be exploited remotely by attackers who supply crafted PostScript.
What types of systems are vulnerable to CVE-2018-17183?
CVE-2018-17183 affects various systems running vulnerable versions of Ghostscript, including Red Hat and Debian installations.

collector/launchpad-cve
source/Launchpad
agent/type
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2018-17183
agent/software-canonical-lookup
agent/severity
agent/remedy
collector/mitre-cve
source/MITRE
collector/usn-cve
source/Ubuntu
agent/references
agent/first-publish-date
agent/event
agent/description
agent/last-modified-date
agent/trending
agent/source
collector/security-tracker-debian
source/Debian
agent/author
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-cve
source/NVD
package-manager/redhat
package-manager/debian
vendor/artifex
canonical/ghostscript
vendor/canonical
canonical/ubuntu
version/ubuntu/14.04
version/ubuntu/16.04
version/ubuntu/18.04
vendor/debian
canonical/debian
version/debian/8.0
vendor/redhat
canonical/red hat enterprise linux desktop
version/red hat enterprise linux desktop/7.0
canonical/red hat enterprise linux server
version/red hat enterprise linux server/7.0
version/red hat enterprise linux server/7.6
canonical/red hat enterprise linux workstation
version/red hat enterprise linux workstation/7.0