Input validation

The vulnerability was found in Moodle, occurs due to improper input validation when parsing PostScript code. An omitted execution parameter results in a remote code execution risk for sites running GhostScript versions older than 9.50. Successful exploitation of this vulnerability may result in...

UBUNTU-CVE-2022-35649

The vulnerability was found in Moodle, occurs due to improper input validation when parsing PostScript code. An omitted execution parameter results in a remote code execution risk for sites running GhostScript versions older than 9.50. Successful exploitation of this vulnerability may result in...

CVE-2022-35649

The vulnerability was found in Moodle, occurs due to improper input validation when parsing PostScript code. An omitted execution parameter results in a remote code execution risk for sites running GhostScript versions older than 9.50. Successful exploitation of this vulnerability may result in...

CVE-2022-35649

CVE-2022-35649 affects Moodle via improper input validation when parsing PostScript code, enabling remote code execution on GhostScript

PT-2022-21517 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.6.8 macOS versions prior to 12.5 Description: An out-of-bounds write issue was addressed with improved bounds checking. Processing a maliciously crafted Postscript file may result in unexpected app termination or...

Apple macOS Big Sur 缓冲区错误漏洞

Apple macOS Big Sur is the 17th major version of Apple's macOS, the operating system used by Apple Inc. for the MAC. Apple macOS Big Sur suffers from a buffer error vulnerability that stems from the fact that processing a maliciously crafted Postscript file may result in an unexpected application...

Artifex Software Ghostscript 代码问题漏洞

Artifex Software Ghostscript is an open source parser for Postscript a page description language and programming language used in the electronics industry and desktop publishing from Artifex Software, Inc. The product can display Postscript files as well as print Postscript files on non-Postscrip...

USN-5396-2 ghostscript vulnerability

USN-5396-1 addressed a vulnerability in Ghostscript. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a special...

USN-5396-2: Ghostscript vulnerability

USN-5396-1 addressed a vulnerability in Ghostscript. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a special...

USN-5396-1 ghostscript vulnerability

It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service...

USN-5396-1: Ghostscript vulnerability

It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service...

Artifex Software Ghostscript 缓冲区错误漏洞

Artifex Software Ghostscript is an open source parser for Postscript a page description language and programming language used in the electronics industry and desktop publishing from Artifex Software, Inc. The product can display Postscript files as well as print Postscript files on non-Postscrip...

[SECURITY] Fedora 36 Update: abcm2ps-8.14.13-1.fc36

Abcm2ps is a package which converts music tunes from ABC format to Postscript. Based on abc2ps version 1.2.5, it was developed mainly to print Baroque organ scores which have independent voices played on one or many keyboards and a pedal-board. Abcm2ps introduces many extensions to the ABC langua...

The vulnerability of PostScript interpreter devices from HP Print allows a perpetrator to execute arbitrary code.

The vulnerability of PostScript devices from HP Print involves reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

(Pwn2Own) HP LaserJet Pro MFP M283fdw CFF Font Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of HP LaserJet Pro MFP M283fdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PostScript interpreter. Crafted data in a CFF font can...

[SECURITY] Fedora 35 Update: abcm2ps-8.14.13-1.fc35

Abcm2ps is a package which converts music tunes from ABC format to Postscript. Based on abc2ps version 1.2.5, it was developed mainly to print Baroque organ scores which have independent voices played on one or many keyboards and a pedal-board. Abcm2ps introduces many extensions to the ABC langua...

OESA-2022-1579 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

Huawei EulerOS: Security Advisory for ImageMagick (EulerOS-SA-2022-1270)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : ImageMagick (EulerOS-SA-2022-1270)

According to the versions of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribu...

The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in the recording of data beyond the buffer limit, allowing attackers to execute arbitrary code.

The vulnerability of Adobe After Effects’ video and dynamic image editing software relates to the writing of data beyond the buffer during the processing of PostScript files. Exploiting this vulnerability can allow an attacker to execute arbitrary code...