Exploit for Protection Mechanism Failure in Artifex Ghostscript

Real Case Exploitation of Buffer Overflow & Format String Vuln...

Astra Linux - уязвимость в ghostscript

A issue was discovered in Artifex Ghostscript prior to version 10.03.1. In the file psi/zmisc1.c, when SAFER mode is used, it allows the use of eexec seeds that deviate from the Type 1 standard...

Astra Linux - уязвимость в ghostscript

Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in the sampleddatasample function called from sampleddatacontinue and interp...

Astra Linux - уязвимость в ghostscript

A heap-based buffer overwrite vulnerability was discovered in the lp8000printpage function of GhostScript, located in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a specially crafted PDF file, triggering a heap buffer overflow that could lead to memory corruption...

Astra Linux - уязвимость в ghostscript

A issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow occurs when parsing the filename format string for the output filename, resulting in path truncation, as well as possible path traversal and code execution...

Astra Linux - уязвимость в ghostscript

A issue was discovered in psi/zcolor.c in Artifex Ghostscript prior to version 10.04.0. There is a buffer overflow vulnerability when reading colors from the indexed color space...

Astra Linux - уязвимость в ghostscript

In Artifex Ghostscript version 10.01.2, the gdevijs.c file in GhostPDL can lead to remote code execution through crafted PostScript documents. This occurs because the IJS device can be switched, or the IjsServer parameter can be changed, after SAFER has been activated. NOTE: It is a documented ri...

Astra Linux - уязвимость в ghostscript

A issue was discovered in Artifex Ghostscript prior to version 10.05.0. A buffer overflow occurs when converting glyphs to Unicode in the psi/zbfont.c file...

Astra Linux - уязвимость в ghostscript

A issue was discovered in Artifex Ghostscript prior to version 10.05.0. The NPDL device has a Compression buffer overflow in the contrib/japanese/gdevnpdl.c file...

CLSA-2026-1778897873 ghostscript: Fix of CVE-2025-48708

CVE-2025-48708: fix argument sanitization to redact values supplied with '' separator...

openSUSE 16 Security Update : libspectre (openSUSE-SU-2026:20659-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20659-1 advisory. - rebuilds against ghostscript version update. Tenable has extracted the preceding description block directly from the SUSE security advisory. Note that...

Astra Linux - уязвимость в ghostscript

A buffer overflow vulnerability was discovered in base/gdevdevn.c:1973 within devnpcxwriterle in ghostscript. This issue may allow a local attacker to cause a denial of service by generating a malicious PDF file for a DEVN device using gs...

Astra Linux - уязвимость в ghostscript

In Artifex Ghostscript version 10.01.0, there is a buffer overflow that may lead to corruption of data within the PostScript interpreter, specifically in the bcp/sbcp.c file. This issue affects functions such as BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled just...

Astra Linux - уязвимость в ghostscript

An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution...

Astra Linux - уязвимость в ghostscript

A divide-by-zero issue was discovered in epsprintpage within gdevepsn.c in Artifex Software GhostScript 9.50. This issue allows remote attackers to cause a denial of service by opening crafted PDF files...

Astra Linux - уязвимость в ghostscript

Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in the function pdfbasefontalloc...

Astra Linux - уязвимость в ghostscript

Artifex Ghostscript prior to version 10.03.1 allows for memory corruption, and enables SAFER sandbox bypass, through format string injection using a uniprint device...

Astra Linux - уязвимость в ghostscript

A vulnerability was discovered in Artifex GhostPDL, specifically at the address 3989415a5b8e99b9d1b87cc9902bde9b7cdea145. This vulnerability has been classified as problematic. It affects the pdfferror function in the devices/vector/gdevpdf.c file, within the component named “New Output File Open...

Astra Linux - уязвимость в ghostscript

A buffer overflow vulnerability exists in the cljmediasize function in devices/gdevclj.c within Artifex Ghostscript 9.50. This vulnerability allows remote attackers to cause a denial of service or other unspecified impacts by opening crafted PDF documents...

Astra Linux - уязвимость в ghostscript

Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in the sampleddatafinish function called from sampleddatacontinue and interp...