CVE-2024-46951 – Securitricks

216.73.216.226

CVE-2024-46951

· Published 10/11/2024 21:15 · Modified 14/11/2024 02:13

Labels: CVE-2024-46951 2024-11-10 CVE-2024-46951 CWE-824 [email protected]

Essential information

Published: 10/11/2024 21:15
Modified: 14/11/2024 02:13
Author: —
Creator: —
CVSS: 7.8 HIGH (v3.1)
CISA KEV: No
CWE: —
CVSS vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS metrics

Description

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.

NVD status

Status: Analyzed — CVE has been recently published to the CVE List and has been received by the NVD.
Source: [email protected]
NVD: View on NVD

Affected products (CPE)

Product	CPE
artifex / ghostscript	`cpe:2.3:a:artifex:ghostscript::::::::`
debian / debian linux	`cpe:2.3:o:debian:debian_linux:12.0:::::::*`
suse / linux enterprise high performance computing	`cpe:2.3:o:suse:linux_enterprise_high_performance_computing:12.0:sp5:::-:::*`
suse / linux enterprise server	`cpe:2.3:o:suse:linux_enterprise_server:12:sp5:::-:::*`
suse / linux enterprise server	`cpe:2.3:o:suse:linux_enterprise_server:12:sp5:::ltss:::*`
suse / linux enterprise server	`cpe:2.3:o:suse:linux_enterprise_server:12:sp5:::ltss_extended_security:::*`
suse / linux enterprise server for sap	`cpe:2.3:o:suse:linux_enterprise_server_for_sap:12:sp5::::::`

References