5485 matches found
CVE-2020-15900
A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow overriding of file access controls. The ‘rsearch’ calculation for the ‘post’ size resulted in a size that was too large, and could underflow to max uint32t. This was fixed...
Ghostscript -- SAFER Sandbox Breakout
NVD reports: A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow overriding of file access controls. The 'rsearch' calculation for the 'post' size resulted in a size that was too large, and could underflow to max uint32t...
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2020-1738)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.6.0 : ghostscript (EulerOS-SA-2020-1738)
According to the version of the ghostscript package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - The InsMIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of servic...
ghostscript:gstoraster_fuzzer: Use-of-uninitialized-value in load_truetype_glyph
Detailed Report: https://oss-fuzz.com/testcase?key=6276535945527296 Project: ghostscript Fuzzing Engine: libFuzzer Fuzz Target: gstorasterfuzzer Job Type: libfuzzermsanghostscript Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: loadtruetypeglyph TTLoadGlyph...
EulerOS 2.0 SP2 : ghostscript (EulerOS-SA-2020-1658)
According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in, ghostscript versions prior to 9.50, in the .pdfhookDSCCreator procedure where it did not properly secure its privilege...
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2020-1658)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ghostscript:gstoraster_fuzzer: Use-of-uninitialized-value in zcheck_r6_password
Detailed Report: https://oss-fuzz.com/testcase?key=5646279408615424 Project: ghostscript Fuzzing Engine: libFuzzer Fuzz Target: gstorasterfuzzer Job Type: libfuzzermsanghostscript Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: zcheckr6password interp...
PRET
The repository michaelxiaxc/PRET is a Printer Exploitation Toolkit that allows users to test the security of their printers. The tool connects to a device via network or USB and exploits the features of a given printer language, currently supporting PostScript, PJL, and PCL. The main idea of PRET...
ghostscript:gstoraster_fuzzer: Use-of-uninitialized-value in FAPI_FF_get_glyph
Detailed Report: https://oss-fuzz.com/testcase?key=5704898518974464 Project: ghostscript Fuzzing Engine: libFuzzer Fuzz Target: gstorasterfuzzer Job Type: libfuzzermsanghostscript Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: FAPIFFgetglyph getfapiglyphdata...
ghostscript:gstoraster_fuzzer: Use-of-uninitialized-value in gs_scan_token
Detailed Report: https://oss-fuzz.com/testcase?key=5976920960532480 Project: ghostscript Fuzzing Engine: libFuzzer Fuzz Target: gstorasterfuzzer Job Type: libfuzzermsanghostscript Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: gsscantoken tokencontinue ztoke...
ghostscript:gstoraster_fuzzer: Use-of-uninitialized-value in get_fapi_glyph_data
Detailed Report: https://oss-fuzz.com/testcase?key=5170403420143616 Project: ghostscript Fuzzing Engine: libFuzzer Fuzz Target: gstorasterfuzzer Job Type: libfuzzermsanghostscript Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: getfapiglyphdata...
SUSE SLED15 / SLES15 Security Update : ghostscript (SUSE-SU-2020:1220-1)
This update for ghostscript to version 9.52 fixes the following issues : CVE-2020-12268: Fixed a heap-based buffer overflow in jbig2imagecompose bsc1170603. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...
SUSE SLES12 Security Update : ghostscript (SUSE-SU-2020:1212-1)
This update for ghostscript to version 9.52 fixes the following issues : CVE-2020-12268: Fixed a heap-based buffer overflow in jbig2imagecompose bsc1170603. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...
ghostscript:gstoraster_fuzzer: Use-of-uninitialized-value in s_exD_process
Detailed Report: https://oss-fuzz.com/testcase?key=5769684738899968 Project: ghostscript Fuzzing Engine: libFuzzer Fuzz Target: gstorasterfuzzer Job Type: libfuzzermsanghostscript Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: sexDprocess sreadbuf...
ghostscript:gstoraster_fuzzer: Use-of-uninitialized-value in load_truetype_glyph
Detailed Report: https://oss-fuzz.com/testcase?key=5668538569457664 Project: ghostscript Fuzzing Engine: libFuzzer Fuzz Target: gstorasterfuzzer Job Type: libfuzzermsanghostscript Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: loadtruetypeglyph TTLoadGlyph...
openSUSE: Security Advisory for ghostscript (openSUSE-SU-2020:0653-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : ghostscript (openSUSE-2020-653)
This update for ghostscript to version 9.52 fixes the following issues : - CVE-2020-12268: Fixed a heap-based buffer overflow in jbig2imagecompose bsc1170603. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text and package...
OPENSUSE-SU-2020:0653-1 Security update for ghostscript
This update for ghostscript to version 9.52 fixes the following issues: - CVE-2020-12268: Fixed a heap-based buffer overflow in jbig2imagecompose bsc1170603. This update was imported from the SUSE:SLE-15:Update update project...
Security update for ghostscript (important)
openSUSE Security Update: Security update for ghostscript Announcement ID: openSUSE-SU-2020:0653-1 Rating: important References: 1170603 Cross-References: CVE-2020-12268 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...