The vulnerability of the GetNumWrongData() function (contrib/lips4/gdevlips.c) in the software suite for processing, converting, and generating Ghostscript documents allows a perpetrator to trigger a service failure.

The vulnerability of the GetNumWrongData function contrib/lips4/gdevlips.c in the software suite for processing, transforming, and generating Ghostscript documents is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause...

Vulnerability of the tiff12_print_page() function (device/gdevtfnx.c) in the software suite for processing, converting, and generating Ghostscript documents, allowing a hacker to trigger a service failure

The vulnerability of the tiff12printpage function device/gdevtfnx.c in the software suite for processing, transforming, and generating Ghostscript documents is related to writing beyond buffer boundaries. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

The vulnerability of the mj_color_correct() function in software programs for processing, transforming, and generating Ghostscript documents allows a malicious actor to cause service failures.

The vulnerability of the mjcolorcorrect function contrib/japanese/gdevmjc.c in the software suite for processing, transforming, and generating Ghostscript documents is related to buffer overflow attacks. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

Vulnerability of the lprn_is_black() function (contrib/lips4/gdevlprn.c) in the software suite for processing, transforming, and generating Ghostscript documents, allowing a hacker to trigger a service failure

The vulnerability of the lprnisblack function contrib/lips4/gdevlprn.c in the software suite for processing, transforming, and generating Ghostscript documents is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service...

The vulnerability of the cljmedia_size() function (device/gdevclj.c) in the software suite for processing, transforming, and generating Ghostscript documents, allowing a hacker to trigger a service failure

The vulnerability of the cljmediasize function device/gdevclj.c in the software suite for processing, transforming, and generating Ghostscript documents is related to the use of a NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2021-1434)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2021-1539)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2021-1476)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization for ARM 64 3.0.6.0 : ghostscript (EulerOS-SA-2021-1539)

According to the versions of the ghostscript packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A buffer overflow vulnerability in jetp3852printpage in devices/gdev3852.c of Artifex Software GhostScript v9.50...

Important: ghostscript

Issue Overview: Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code. CVE-2018-17183 Artifex Ghostscript 9.25 and earlier allows...

Amazon Linux 2 : ghostscript (ALAS-2021-1598)

The version of ghostscript installed on the remote host is prior to 9.25-5. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1598 advisory. Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers...

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2021-1193)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : ghostscript (EulerOS-SA-2021-1193)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the scanner state structure, which allows remote attackers to cause a...

CentOS 8 : ghostscript (CESA-2019:3890)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2019:3890 advisory. - ghostscript: -dSAFER escape in .charkeys 701841 CVE-2019-14869 Note that Nessus has not tested for this issue but has instead relied only on the application's...

CentOS 8 : ghostscript (CESA-2019:2591)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:2591 advisory. - ghostscript: Safer mode bypass by .forceput exposure in .pdfhookDSCCreator 701445 CVE-2019-14811 - ghostscript: Safer mode bypass by .forceput exposu...

CentOS 8 : ghostscript (CESA-2019:0971)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:0971 advisory. - ghostscript: superexec operator is available 700585 CVE-2019-3835 - ghostscript: forceput in DefineResource is still accessible 700576 CVE-2019-3838 ...

EulerOS 2.0 SP3 : ghostscript (EulerOS-SA-2021-1067)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A buffer overflow vulnerability in lprnisblack in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a remote attacker t...

FreeBSD : Ghostscript -- SAFER Sandbox Breakout (62642942-590f-11eb-a0dc-8c164582fbac)

SO-AND-SO reports : A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow overriding of file access controls. The 'rsearch' calculation for the 'post' size resulted in a size that was too large, and could underflow to max...

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2021-1067)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-4686-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...