Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2019-6116

It was found that ghostscript could leak sensitive operators on the operand stack when a pseudo-operator pushes a subroutine. A specially crafted PostScript file could use this flaw to escape the -dSAFER protection in order to, for example, have access to the file system outside of the SAFER...

SRC-2019-0021 : Adobe Acrobat Pro DC Distiller PostScript File Parsing Use-After-free Remote Code Execution Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

Information Disclosure

ghostscript is vulnerable to information disclosure attacks. The vulnerability exists as the getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted postscript file...

GLSA-201811-12 : GPL Ghostscript: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201811-12 GPL Ghostscript: Multiple vulnerabilities Multiple vulnerabilities have been discovered in GPL Ghostscript. Please review the CVE identifiers referenced below for additional information. Impact : A context-dependent...

The vulnerability of the interpreter for software used for processing, transforming, and generating Ghostscript documents allows a perpetrator to execute arbitrary code.

The vulnerability of the interpreter used in software for processing, transforming, and generating Ghostscript documents is related to errors in the data type conversion of the LockDistillerParams parameter. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a...

The vulnerability of the software for processing, transforming, and generating documents using Ghostscript relates to the execution of operations beyond the buffer boundaries in memory. This allows an attacker to execute arbitrary code or cause a service failure.

The vulnerability of the software for processing, transforming, and generating Ghostscript documents lies in the escape operation that occurs outside the buffer during data type transformation using the .shfill operator. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

Artifex Ghostscript Restriction Bypass Vulnerability

Artifex Ghostscript is an open source Postscript a page description language and programming language used in the electronics industry and desktop publishing parser from Artifex Software that displays Postscript files and prints them on non-Postscript printers. Postscript file. A restriction bypa...

DEBIAN-CVE-2017-18237

An issue was discovered in Exempi before 2.4.3. The PostScriptSupport::ConvertToDate function in XMPFiles/source/FormatSupport/PostScriptSupport.cpp allows remote attackers to cause a denial of service invalid pointer dereference and application crash via a crafted .ps file...

UBUNTU-CVE-2018-7729

An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScriptMetaHandler::ParsePSFile function in XMPFiles/source/FileHandlers/PostScriptHandler.cpp...

SRC-2019-0019 : Adobe Acrobat Pro DC Distiller PostScript File Parsing dvips TeXDict Type Confusion Remote Code Execution Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

VulnCheck KEV: CVE-2013-4979

Buffer overflow in the gldll32.dll module in EPS Viewer 3.2 and earlier allows remote attackers to execute arbitrary code via a crafted EPS file...

ImageMagick Denial of Service Vulnerability (CNVD-2017-18116)

ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. A denial of service vulnerability exists in the 'WritePSImage' function in the coders/ps.c file in ImageMagick version...

UBUNTU-CVE-2017-8291

Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile %pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017...

ImageMagick Denial of Service Vulnerability (CNVD-2017-04574)

ImageMagick is an open source image viewing and editing tool for Unix/Linux platforms. ImageMagick suffers from a denial of service vulnerability, which can be exploited by a remote attacker via a constructed ps file...

CVE-2013-5653

The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted postscript file...

CVE-2013-5653

The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted postscript file...

SUSE SLED12 / SLES12 Security Update : ghostscript-library (SUSE-SU-2016:2492-1)

This update for ghostscript-library fixes the following issues : - Multiple security vulnerabilities have been discovered where ghostscript's '-dsafer' flag did not provide sufficient protection against unintended access to the file system. Thus, a machine that would process a specially crafted...

CVE-2015-3228

Integer overflow in the gsheapallocbytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service crash via a crafted Postscript ps file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or write...

Integer overflow

Integer overflow in the gsheapallocbytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service crash via a crafted Postscript ps file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or write...