Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : ghostscript, gs-esp, gs-gpl vulnerability (USN-599-1)

Chris Evans discovered that Ghostscript contained a buffer overflow in its color space handling code. If a user or automated system were tricked into opening a crafted Postscript file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the...

Stack overflow

Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript .ps file containing a long Range array in a .seticcspace operator...

CVE-2008-0411

Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript .ps file containing a long Range array in a .seticcspace operator...

CVE-2008-0411

CVE-2008-0411 is a Ghostscript vulnerability affecting 8.61 and earlier where a stack-based buffer overflow in the zseticcspace function (zicc.c) allows a remote attacker to execute arbitrary code via a crafted PostScript file containing a long Range array in a .seticcspace operator. The issue is...

CVE-2008-0411

Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript .ps file containing a long Range array in a .seticcspace operator...

ghostscript -- zseticcspace() function buffer overflow vulnerability

Chris Evans from the Google Security Team reports: Severity: parsing of evil PostScript file will result in arbitrary code execution. A stack-based buffer overflow in the zseticcspace function in zicc.c allows remote arbitrary code execution via a malicious PostScript file .ps that contains a lon...

evince -- Buffer Overflow Vulnerability

Secunia reports: A vulnerability has been discovered in Evince, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the "getnexttext" function in ps/ps.c. This can be exploited to cause a buffer overflow by e.g...

CVE-2006-5864

Stack-based buffer overflow in the psgettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript PS file with certain headers that contain long comments, as demonstrated using the 1 DocumentMedia, 2...

CVE-2006-5864

Stack-based buffer overflow in the psgettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript PS file with certain headers that contain long comments, as demonstrated using the 1 DocumentMedia, 2...

CVE-2006-1137

Multiple unspecified vulnerabilities in Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, allow remote attackers to cause an unspecified denial of service via a crafted PostScript file that will 1 "navigate through the...

CVE-2005-3278

Integer overflow in the openpsfile function in gsinterf.c for Jan Kybic BitMap Viewer BMV 1.2 allows local users to execute arbitrary code via a PostScript PS file containing a large number of pages value, which leads to a resultant buffer overflow...

CVE-2005-3278

Integer overflow in the openpsfile function in gsinterf.c for Jan Kybic BitMap Viewer BMV 1.2 allows local users to execute arbitrary code via a PostScript PS file containing a large number of pages value, which leads to a resultant buffer overflow...

GLSA-200508-04 : Netpbm: Arbitrary code execution in pstopnm

The remote host is affected by the vulnerability described in GLSA-200508-04 Netpbm: Arbitrary code execution in pstopnm Max Vozeler reported that pstopnm calls the GhostScript interpreter on untrusted PostScript files without specifying the -dSAFER option, to convert a PostScript file into a PBM...

Netpbm: Arbitrary code execution in pstopnm

Background Netpbm is a package of 220 graphics programs and a programming libraries, including pstopnm. pstopnm is a tool which converts PostScript files to PNM image files. Description Max Vozeler reported that pstopnm calls the GhostScript interpreter on untrusted PostScript files without...

CVE-2004-1717

Multiple buffer overflows in the psscan function in ps.c for gv ghostview allow remote attackers to execute arbitrary code via a Postscript file with a long 1 BoundingBox, 2 comment, 3 Orientation, 4 PageOrder, or 5 Pages value...

CVE-2004-1717

Multiple buffer overflows in the psscan function in ps.c for gv ghostview allow remote attackers to execute arbitrary code via a Postscript file with a long 1 BoundingBox, 2 comment, 3 Orientation, 4 PageOrder, or 5 Pages value...

CVE-2002-1223

Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps PostScript input file...

CVE-2003-0354

Unknown vulnerability in GNU Ghostscript before 7.07 allows attackers to execute arbitrary commands, even when -dSAFER is enabled, via a PostScript file that causes the commands to be executed from a malicious print job...

CVE-2003-0354

CVE-2003-0354 affects GNU Ghostscript before 7.07. A flaw in how Ghostscript processes PostScript allows a malicious print job to execute arbitrary commands, even when using the -dSAFER option, potentially compromising a system that handles such jobs. The issue is described across multiple source...

CVE-2003-0354

Unknown vulnerability in GNU Ghostscript before 7.07 allows attackers to execute arbitrary commands, even when -dSAFER is enabled, via a PostScript file that causes the commands to be executed from a malicious print job...