CVE-2023-28879

In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then...

CVE-2023-28879

CVE-2023-28879 affects Ghostscript (through 10.01.0) with a buffer overflow in base/sbcp.c affecting BCPEncode/BCPDecode/TBCPEncode/TBCPDecode. The issue can corrupt internal PostScript interpreter data when the write buffer is near full and an escaped character is written, potentially causing to...

CVE-2023-28879

In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then...

ghostscript -- exploitable buffer overflow in (T)BCP in PS interpreter

[email protected] reports: In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less...

Lexmark Printer Multiple Input Validation Vulnerabilities (Mar 2023)

Multiple Lexmark printer devices are prone to multiple input validation vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Lexmark Printer Multiple Postscript Interpreter Vulnerabilities (Mar 2023)

Multiple Lexmark printer devices are prone to multiple vulnerabilities in the Postscript interpreter. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

USN-5396-1: Ghostscript vulnerability

It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service...

(Pwn2Own) HP LaserJet Pro MFP M283fdw CFF Font Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of HP LaserJet Pro MFP M283fdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PostScript interpreter. Crafted data in a CFF font can...

CVE-2021-44738

Buffer overflow vulnerability has been identified in Lexmark devices through 2021-12-07 in postscript interpreter...

CVE-2021-44738

Buffer overflow vulnerability has been identified in Lexmark devices through 2021-12-07 in postscript interpreter...

Buffer overflow

Buffer overflow vulnerability has been identified in Lexmark devices through 2021-12-07 in postscript interpreter...

CVE-2021-44738

CVE-2021-44738 is a buffer-overflow vulnerability in Lexmark devices’ PostScript interpreter. Multiple sources (ZDI advisories and NVD) describe a write past the end of a buffer during PostScript data handling, enabling potential remote code execution on affected Lexmark printers (e.g., MC3224i) ...

CVE-2021-44738

Buffer overflow vulnerability has been identified in Lexmark devices through 2021-12-07 in postscript interpreter...

USN-5075-1: Ghostscript vulnerability

It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service...

USN-4445-1: Ghostscript vulnerability

It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code,...

The vulnerability of Qualcomm IPS’s PostScript- and PDF-compliant software interpreters, caused by a full-integer overflow, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of Qualcomm IPS’s PostScript- and PDF-compliant software interpreters is due to a numerical overflow condition. Exploiting this vulnerability can allow an attacker operating remotely to compromise the confidentiality, integrity, and accessibility of the protected information...

gs-gpl competitive conditions issue vulnerability

gs-gpl is a Ghostscript PostScript interpreter. A competing condition issue vulnerability exists in gs-gpl versions prior to 8.56, which arises from improper handling of concurrent access when concurrent code requires mutually exclusive access to shared resources during operation of a networked...

USN-3831-1: Ghostscript vulnerabilities

It was discovered that Ghostscript contained multiple security issues. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use these issues to access arbitrary files, execute arbitrary code, or cause a denial of service...

CVE-2018-16511

An issue was discovered in Artifex Ghostscript before 9.24. A type confusion in "ztype" could be used by remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact...

DEBIAN-CVE-2016-7976

The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams...