EUVD-2019-5942

Malware in sbrugna...

EUVD-2019-5984

Malware in sbrugna...

CVE-1999-0155

The ghostscript command with the -dSAFER option allows remote attackers to execute commands...

CVE-2018-15908

It was discovered that the ghostscript .tempfile function did not properly handle file permissions. An attacker could possibly exploit this to exploit this to bypass the -dSAFER protection and delete files or disclose their content via a specially crafted PostScript document. Mitigation Please se...

Updated ghostscript packages fix security vulnerability

Trivial -dSAFER bypass in 9.55. CVE-2021-3781...

MGASA-2021-0436 Updated ghostscript packages fix security vulnerability

Trivial -dSAFER bypass in 9.55. CVE-2021-3781...

The vulnerability of the .tempfile component in the software suite for processing, transforming, and generating Ghostscript documents allows a perpetrator to circumvent the dSAFER protection mechanism, delete files, or gain unauthorized access to protected information.

The vulnerability of the .tempfile component in the software for processing, transforming, and generating Ghostscript documents is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to bypass the dSAFER protection, delete files, or gain unauthorized...

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2016-1050)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OPENSUSE-SU-2019:2534-1 Security update for ghostscript

This update for ghostscript fixes the following issues: - CVE-2019-14869: Fixed a possible dSAFER escape which could have allowed an attacker to gain high privileges by a specially crafted Postscript code bsc1156275. This update was imported from the SUSE:SLE-15:Update update project...

MGASA-2019-0336 Updated ghostscript packages fix security vulnerability

The updated packages fix a security vulnerability: -dSAFER escape in .charkeys. CVE-2019-14869...

Information Disclosure

ghostscript is vulnerable to information disclosure. The vulnerability exists due to -dSAFER escape in .charkeys...

Debian: Security Advisory (DLA-1992-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-15909

It was discovered that the ghostscript .shfill operator did not properly validate certain types. An attacker could possibly exploit this to bypass the -dSAFER protection and crash ghostscript or, possibly, execute arbitrary code in the ghostscript context via a specially crafted PostScript...

Debian: Security Advisory (DLA-1915-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-1915-1 : ghostscript security update

It was discovered that various procedures in Ghostscript, the GPL PostScript/PDF interpreter, do not properly restrict privileged calls, which could result in bypass of file system restrictions of the dSAFER sandbox. For Debian 8 'Jessie', these problems have been fixed in version...

Debian DSA-4518-1 : ghostscript - security update

It was discovered that various procedures in Ghostscript, the GPL PostScript/PDF interpreter, do not properly restrict privileged calls, which could result in bypass of file system restrictions of the dSAFER sandbox. C Tenable Network Security, Inc. The descriptive text and package checks in this...

Debian DSA-4499-1 : ghostscript - security update

Netanel reported that the .buildfont1 procedure in Ghostscript, the GPL PostScript/PDF interpreter, does not properly restrict privileged calls, which could result in bypass of file system restrictions of the dSAFER sandbox. C Tenable Network Security, Inc. The descriptive text and package checks...

USN-4092-1: Ghostscript vulnerability

Netanel Fisher discovered that the font handler in Ghostscript did not properly restrict privileged calls when '-dSAFER' restrictions were in effect. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access...

NewStart CGSL CORE 5.04 / MAIN 5.04 : ghostscript Multiple Vulnerabilities (NS-SA-2019-0054)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has ghostscript packages installed that are affected by multiple vulnerabilities: - It was discovered that the ghostscript PDF14 compositor did not properly handle the copying of a device. An attacker could possibly exploit thi...

NewStart CGSL MAIN 4.05 : ghostscript Vulnerability (NS-SA-2019-0145)

The remote NewStart CGSL host, running version MAIN 4.05, has ghostscript packages installed that are affected by a vulnerability: - It was discovered that the ghostscript /invalidaccess checks fail under certain conditions. An attacker could possibly exploit this to bypass the -dSAFER protection...