Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Ghostscript vulnerabilities (USN-5643-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5643-1 advisory. It was discovered that GhostScript incorrectly handled certain PDF files. If a user or automated system were tricked into opening...

PT-2022-37303 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-use-after-free error, which occurs when the program attempts to access memory that has already been freed. The crash state...

The vulnerability of the Ghostscript software for document processing lies in the fact that operations are performed outside the buffer in memory. This allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Ghostscript document processing software lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its integrity, and cause service failures...

Artifex Ghostscript 9.55 DoS

The version of Artifex Ghostscript installed on the remote Windows host is 9.55. It is, therefore, affected by a NULL pointer dereference vulnerabiulity leading to denial of service. The DoS occurs when Ghostscript tries to render a large number of bits in memory. When allocating a buffer device,...

Ubuntu 16.04 ESM : Ghostscript vulnerability (USN-5618-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5618-1 advisory. It was discovered the Ghostscript incorrectly handled memory when processing certain inputs. By tricking a user into opening a specially crafted PDF file, an...

Ubuntu: Security Advisory (USN-5618-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5618-1: Ghostscript vulnerability

It was discovered the Ghostscript incorrectly handled memory when processing certain inputs. By tricking a user into opening a specially crafted PDF file, an attacker could cause the program to crash...

USN-5618-1 ghostscript vulnerability

It was discovered the Ghostscript incorrectly handled memory when processing certain inputs. By tricking a user into opening a specially crafted PDF file, an attacker could cause the program to crash...

Denial Of Service (DoS)

ghostscript is vulnerable to denial of service. The vulnerability exists due to a heap-based buffer over write vulnerability was found in GhostScript's lp8000printpage function in gdevlp8k.c file. An attacker could trick a user to open a crafted PDF file, triggering the heap buffer overflow that...

Artifex Ghostscript Remote Code Execution (CVE-2018-16509)

A remote code execution vulnerability exists in Artifex Ghostscript. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

PT-2022-37275 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow read crash. Technical details include a crash state involving functions such as gs type2 interpret, copie...

Debian dla-3096 : ghostscript - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3096 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3096-1 [email protected] https://www.debian.org/lts/security/...

Debian: Security Advisory (DLA-3096-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 3096-1] ghostscript security update

Debian LTS Advisory DLA-3096-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany September 04, 2022 https://wiki.debian.org/LTS Package : ghostscript Version : 9.27dfsg-2+deb10u6 CVE ID : CVE-2020-27792 A heap-based buffer over write vulnerability was found in...

PT-2022-37240 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-use-after-free READ 8 crash has been reported. The crash state includes functions such as xps tifsSeekProc, TIFFRewriteDirectory, and TIFFFlush. N...

DLA-3096-1 ghostscript - security update

Bulletin has no description...

PT-2022-37239 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow READ 4 crash has been reported. The crash involves the ttfOutliner BuildGlyphOutlineAux, ttfOutliner Outline, and ngx ttf outline...

PT-2022-37231 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a global buffer overflow read of 8 bytes. The crash state involves several functions, including get unpack proc, xps begin typed...

Ubuntu: Security Advisory (USN-5396-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-2434-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...