5485 matches found
UBUNTU-CVE-2016-7976
The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams...
Debian DLA-484-1 : graphicsmagick security update (ImageTragick)
Several security vulnerabilities were discovered in graphicsmagick a tool to manipulate image files. GraphicsMagick is a fork of ImageMagick and also affected by vulnerabilities collectively known as ImageTragick, that are the consequence of lack of sanitization of untrusted input. An attacker wi...
ImageMagick Delegate Arbitrary Command Execution
This module exploits a shell command injection in the way "delegates" commands for converting files are processed in ImageMagick versions 'ImageMagick Delegate Arbitrary Command Execution', 'Description' = %q This module exploits a shell command injection in the way "delegates" commands for...
ImageMagick 6.9.3-9 / 7.0.1-0 - Multiple Vulnerabilities (ImageTragick)
Exploit for multiple platform in category dos / poc Nikolay Ermishkin from the Mail.Ru Security Team discovered several vulnerabilities in ImageMagick. We've reported these issues to developers of ImageMagick and they made a fix for RCE in sources and released new version 6.9.3-9 released...
openSUSE Security Update : ghostscript (openSUSE-2016-427)
ghostscript was updated to fix one security issue and one bug. The following vulnerability was fixed : - CVE-2015-3228: Specially crafted ps files could have caused an out of bound read/write due to an integer overflow, causing a segfault in the application or having unspecified further impact...
SUSE SLED12 / SLES12 Security Update : ghostscript (SUSE-SU-2016:0884-1)
ghostscript was updated to fix one security issue and one bug. The following vulnerability was fixed : - CVE-2015-3228: Specially crafted ps files could have caused an out of bound read/write due to an integer overflow, causing a segfault in the application or having unspecified further impact...
SUSE-SU-2016:0884-1 Security update for ghostscript
ghostscript was updated to fix one security issue and one bug. The following vulnerability was fixed: CVE-2015-3228: Specially crafted ps files could have caused an out of bound read/write due to an integer overflow, causing a segfault in the application or having unspecified further impact. Also...
CVE-2009-4270
Stack-based buffer overflow in the errprintf function in base/gsmisc.c in ghostscript 8.64 through 8.70 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted PDF file, as originally reported for debug logging code in gdevcups.c in the CUPS...
Mageia: Security Advisory (MGASA-2015-0308)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2008-0155)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2009-0345)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2009-0421)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2012-0095)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2012-1256)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 201412-17
Gentoo Linux Local Security Checks GLSA 201412-17 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
Amazon Linux: Security Advisory (ALAS-2012-127)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux: Security Advisory (ALAS-2012-42)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD : ghostscript -- denial of service (crash) via crafted Postscript files (fc1f6658-4f53-11e5-934b-002590263bf5)
MITRE reports : Integer overflow in the gsheapallocbytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service crash via a crafted Postscript ps file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or...
GNU troff contrib/pdfmark/pdfroff.sh design error vulnerability
Groff GNU Troff is the latest open source implementation of Troff, a document preparation system that generates print and screen documents from the same input source for a variety of devices. GNU troff groff versions prior to 1.21 in contrib/pdfmark/pdfroff.sh starts the Ghostscript program witho...
CVE-2015-3228
Integer overflow in the gsheapallocbytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service crash via a crafted Postscript ps file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or write...