5483 matches found
Important: Red Hat Security Advisory: ghostscript security update
A ghostscript package fixing a command execution vulnerability is now available. GNU Ghostscript is an interpreter for the PostScript language, and is often used when printing to printers that do not have their own built-in PostScript interpreter. A flaw has been discovered in the way Ghostscript...
CVE-2003-0354
Unknown vulnerability in GNU Ghostscript before 7.07 allows attackers to execute arbitrary commands, even when -dSAFER is enabled, via a PostScript file that causes the commands to be executed from a malicious print job...
CVE-2003-0354
CVE-2003-0354 affects GNU Ghostscript before 7.07. A flaw in how Ghostscript processes PostScript allows a malicious print job to execute arbitrary commands, even when using the -dSAFER option, potentially compromising a system that handles such jobs. The issue is described across multiple source...
CVE-2003-0354
Unknown vulnerability in GNU Ghostscript before 7.07 allows attackers to execute arbitrary commands, even when -dSAFER is enabled, via a PostScript file that causes the commands to be executed from a malicious print job...
CVE-2003-0204
KDE 2 and KDE 3.1.1 and earlier 3.x versions allows attackers to execute arbitrary commands via 1 PostScript PS or 2 PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when using the kghostview Ghostscript viewer...
[SECURITY] [DSA 296-1] New kdebase packages fix arbitrary command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 296-1 [email protected] http://www.debian.org/security/ Martin Schulze April 30th, 2003 http://www.debian.org/security/faq -...
DSA-296 kdebase - insecure execution
Bulletin has no description...
[SECURITY] [DSA 293-1] New kdelibs packages fix arbitrary command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 293-1 [email protected] http://www.debian.org/security/ Martin Schulze April 23rd, 2003 http://www.debian.org/security/faq -...
[SECURITY] [DSA 293-1] New kdelibs packages fix arbitrary command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 293-1 [email protected] http://www.debian.org/security/ Martin Schulze April 23rd, 2003 http://www.debian.org/security/faq -...
DSA-293 kdelibs - insecure execution
Bulletin has no description...
Updated KDE packages available
New KDE 3.1.1a packages are available for Slackware 9.0 which fix a security problem with the handling of PS and PDF documents. Here are the details from the Slackware 9.0 ChangeLog: Thu Apr 17 15:32:15 PDT 2003 patches/packages/kde/: Upgraded to KDE 3.1.1a. Also included in this directory are a...
CVE-2003-0207
ps2epsi creates insecure temporary files when calling ghostscript, which allows local attackers to overwrite arbitrary files...
CVE-2003-0204
KDE 2 and KDE 3.1.1 and earlier 3.x versions allows attackers to execute arbitrary commands via 1 PostScript PS or 2 PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when using the kghostview Ghostscript viewer...
ghostscript symbolic link problem
Symboli link problem during temporary files creation in ps2epsi...
[SECURITY] [DSA 284-1] New kdegraphics packages fix arbitrary command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 284-1 [email protected] http://www.debian.org/security/ Martin Schulze April 12th, 2003 http://www.debian.org/security/faq -...
DSA-284 kdegraphics - insecure execution
Bulletin has no description...
KDE Security Advisory: PS/PDF file handling vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 KDE Security Advisory: PS/PDF file handling vulnerability Original Release Date: 2003-04-09 URL: http://www.kde.org/info/security/advisory-20030409-1.txt 0. References http://bugs.kde.org/showbug.cgi?id=53157 http://bugs.kde.org/showbug.cgi?id=53343...
CVE-2002-0363
ghostscript before 6.53 allows attackers to execute arbitrary commands by using .locksafe or .setsafe to reset the current pagedevice...
CVE-2002-0363
CVE-2002-0363 affects GNU Ghostscript prior to 6.53. A vulnerability in PostScript interpretation allows an attacker to cause Ghostscript to execute arbitrary commands by tricking the renderer into resetting the current pagedevice using .locksafe or .setsafe. The issue is due to insufficient vali...
ASA-0000: GV Execution of Arbitrary Shell Commands
"After" Security Advisory Title: GV Execution of Arbitrary Shell Commands Affects: gv-3.5.8 and probably older versions Advisory ID: ASA-0000 Release Date: 2002-10-01 Author: Marc Bevand bevandm at epita.fr URL: http://www.epita.fr/bevandm/asa/asa-0000 --oOo-- 0. Table of Contents 0. Table of...