200 matches found
CVE-2015-3228
Integer overflow in the gsheapallocbytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service crash via a crafted Postscript ps file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or write...
CVE-2015-3228
Integer overflow in the gsheapallocbytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service crash via a crafted Postscript ps file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or write...
CVE-2015-3228
Integer overflow in the gsheapallocbytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service crash via a crafted Postscript ps file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or write...
UBUNTU-CVE-2014-9812
ImageMagick allows remote attackers to cause a denial of service NULL pointer dereference via a crafted ps file...
GLSA-201412-17 : GPL Ghostscript: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201412-17 GPL Ghostscript: Multiple vulnerabilities Multiple vulnerabilities have been discovered in GPL Ghostscript. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker could enti...
Updated a2ps packages fix CVE-2014-0466
Updated a2ps packages fix security vulnerability: Brian M. Carlson reported that a2ps's fixps script does not invoke gs with the -dSAFER option. Consequently executing fixps on a malicious PostScript file could result in files being deleted or arbitrary commands being executed with the privileges...
CVE-2014-0466
The fixps script in a2ps 4.14 does not use the -dSAFER option when executing gs, which allows context-dependent attackers to delete arbitrary files or execute arbitrary commands via a crafted PostScript file...
CVE-2014-0466
The fixps script in a2ps 4.14 does not use the -dSAFER option when executing gs, which allows context-dependent attackers to delete arbitrary files or execute arbitrary commands via a crafted PostScript file...
CVE-2014-0466
The fixps script in a2ps 4.14 does not use the -dSAFER option when executing gs, which allows context-dependent attackers to delete arbitrary files or execute arbitrary commands via a crafted PostScript file...
Design/Logic Flaw
The fixps script in a2ps 4.14 does not use the -dSAFER option when executing gs, which allows context-dependent attackers to delete arbitrary files or execute arbitrary commands via a crafted PostScript file...
UBUNTU-CVE-2014-0466
The fixps script in a2ps 4.14 does not use the -dSAFER option when executing gs, which allows context-dependent attackers to delete arbitrary files or execute arbitrary commands via a crafted PostScript file...
CVE-2014-0466
The fixps script in a2ps 4.14 does not use the -dSAFER option when executing gs, which allows context-dependent attackers to delete arbitrary files or execute arbitrary commands via a crafted PostScript file...
CVE-2014-0466
CVE-2014-0466 affects the a2ps package. The underlying issue is in the fixps script: it does not invoke Ghostscript with the -dSAFER option, enabling a crafted PostScript file to trigger arbitrary commands or delete files. Documented impact across multiple distros states remote attackers could ex...
Debian DSA-2892-1 : a2ps - security update
Several vulnerabilities have been found in a2ps, an 'Anything to PostScript' converter and pretty-printer. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2001-1593 The spyuser function which is called when a2ps is invoked with the --debug flag insecurel...
DSA-2892-1 a2ps - security update
Bulletin has no description...
Ubuntu Update for ghostscript vulnerabilities USN-961-1
Ubuntu Update for Linux kernel vulnerabilities USN-961-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9611.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for ghostscript vulnerabilities USN-961-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...
Mandriva Update for ghostscript MDVSA-2010:102 (ghostscript)
Check for the Version of ghostscript OpenVAS Vulnerability Test Mandriva Update for ghostscript MDVSA-2010:102 ghostscript Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
DEBIAN-CVE-2010-1628
Ghostscript 8.64, 8.70, and possibly other versions allows context-dependent attackers to execute arbitrary code via a PostScript file containing unlimited recursive procedure invocations, which trigger memory corruption in the stack of the interpreter...
CVE-2010-1628
Ghostscript 8.64, 8.70, and possibly other versions allows context-dependent attackers to execute arbitrary code via a PostScript file containing unlimited recursive procedure invocations, which trigger memory corruption in the stack of the interpreter...
CVE-2010-1628
Ghostscript 8.64, 8.70, and possibly other versions allows context-dependent attackers to execute arbitrary code via a PostScript file containing unlimited recursive procedure invocations, which trigger memory corruption in the stack of the interpreter...