CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OpenVAS•added 2008/09/04 12:0 a.m.•16 views

FreeBSD Ports: ghostscript-gpl, ghostscript-gpl-nox11

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

6.8CVSS6.4AI score0.15307EPSS

Tenable Nessus•added 2008/04/11 12:0 a.m.•22 views

Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : ghostscript, gs-esp, gs-gpl vulnerability (USN-599-1)

Chris Evans discovered that Ghostscript contained a buffer overflow in its color space handling code. If a user or automated system were tricked into opening a crafted Postscript file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the...

6.8CVSS6.3AI score0.15307EPSS

Ubuntu•added 2008/04/09 7:59 p.m.•56 views

USN-599-1: Ghostscript vulnerability

6.8CVSS6.1AI score0.15307EPSS

Tenable Nessus•added 2008/03/13 12:0 a.m.•30 views

GLSA-200803-14 : Ghostscript: Buffer overflow

The remote host is affected by the vulnerability described in GLSA-200803-14 Ghostscript: Buffer overflow Chris Evans Google Security discovered a stack-based buffer overflow within the zseticcspace function in the file zicc.c when processing a PostScript file containing a long 'Range' array in a...

6.8CVSS6.3AI score0.15307EPSS

Gentoo Linux•added 2008/03/08 12:0 a.m.•18 views

Ghostscript: Buffer overflow

Background Ghostscript is a suite of software based on an interpreter for PostScript and PDF. Description Chris Evans Google Security discovered a stack-based buffer overflow within the zseticcspace function in the file zicc.c when processing a PostScript file containing a long "Range" array in a...

6.8CVSS7.3AI score0.15307EPSS

Tenable Nessus•added 2008/03/07 12:0 a.m.•21 views

Fedora 7 : ghostscript-8.15.4-4.fc7 (2008-2084)

This update contains a back-ported fix for a security issue that allows malicious PostScript input files to cause a stack-based buffer overflow CVE-2008-0411. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...

6.8CVSS5.4AI score0.15307EPSS

Tenable Nessus•added 2008/03/07 12:0 a.m.•19 views

Fedora 8 : ghostscript-8.61-8.fc8 (2008-1998)

This update contains a back-ported fix for a security issue that allows malicious PostScript input files to cause a stack-based buffer overflow CVE-2008-0411. This update also restores JPEG2000 support. Note that Tenable Network Security has extracted the preceding description block directly from...

6.8CVSS5.4AI score0.15307EPSS

Tenable Nessus•added 2008/03/07 12:0 a.m.•22 views

FreeBSD : ghostscript -- zseticcspace() function buffer overflow vulnerability (ca8e56d5-e856-11dc-b5af-0017319806e7)

Chris Evans from the Google Security Team reports : Severity: parsing of evil PostScript file will result in arbitrary code execution. A stack-based buffer overflow in the zseticcspace function in zicc.c allows remote arbitrary code execution via a malicious PostScript file .ps that contains a lo...

6.8CVSS6.5AI score0.15307EPSS

Fedora•added 2008/03/06 4:39 p.m.•17 views

[SECURITY] Fedora 7 Update: ghostscript-8.15.4-4.fc7

Ghostscript is a set of software that provides a PostScriptTM interpreter, a set of C procedures the Ghostscript library, which implements the graphics capabilities in the PostScript language and an interpreter for Portable Document Format PDF files. Ghostscript translates PostScript code into ma...

6.8CVSS1.5AI score0.15307EPSS

Tenable Nessus•added 2008/03/04 12:0 a.m.•22 views

Slackware 11.0 / 12.0 / current : espgs/ghostscript (SSA:2008-062-01)

New espgs or ghostscript packages are available for 11.0, 12.0, and -current to fix a buffer overflow. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2008-062-01. The text itself is...

6.8CVSS6.9AI score0.15307EPSS

Fedora•added 2008/03/03 6:24 p.m.•13 views

[SECURITY] Fedora 8 Update: ghostscript-8.61-8.fc8

6.8CVSS1.5AI score0.15307EPSS

Packet Storm•added 2008/03/03 12:0 a.m.•54 views

ghostscript-poc.txt

/ A proof of concept exploit for ghostscript 8.61 and earlier. Vulnerability discovered by Chris Evans Author: [email protected] Will Drewry Affects: All versions of ghostscript that support .seticcspace. Tested on: Ubuntu gs-esp-8.15.2.dfsg.0ubuntu1-0ubuntu1 x86 Ghostscript 8.61 2007-11-21 x86...

7.4AI score

Exploits0

Slackware Linux•added 2008/03/02 10:1 a.m.•35 views

[slackware-security] espgs/ghostscript

New espgs or ghostscript packages are available for 11.0, 12.0, and -current to fix a buffer overflow. Here are the details from the Slackware 12.0 ChangeLog: patches/packages/espgs-8.15.4-i486-3slack12.0.tgz: This patched version of ESP Ghostscript fixes a buffer overflow. For more information o...

6.8CVSS6.4AI score0.15307EPSS

Tenable Nessus•added 2008/02/29 12:0 a.m.•22 views

openSUSE 10 Security Update : ghostscript-fonts-other (ghostscript-fonts-other-4985)

A stackbased buffer overflow was fixed in the ghostscript interpreter, which potentially could be used to execute code or at least crash ghostscript. CVE-2008-0411 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

6.8CVSS6AI score0.15307EPSS

Exploits1References1

Tenable Nessus•added 2008/02/29 12:0 a.m.•17 views

SuSE 10 Security Update : Ghostscript (ZYPP Patch Number 4984)

A stack-based buffer overflow was fixed in the ghostscript interpreter, which potentially could be used to execute code or at least crash ghostscript. CVE-2008-0411 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

6.8CVSS6.1AI score0.15307EPSS