2801 matches found
The vulnerability of the Windows Adobe Type Manager library on Windows operating systems allows a hacker to execute arbitrary code.
The vulnerability of the Windows Adobe Type Manager library in Windows operating systems is related to the improper handling of the specially created multi-level font format—Adobe Type 1 PostScript. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially...
[ASA-202005-4] a2ps: multiple issues
Arch Linux Security Advisory ASA-202005-4 ========================================= Severity: High Date : 2020-05-06 CVE-ID : CVE-2014-0466 CVE-2015-8107 Package : a2ps Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-1150 Summary ======= The package a2ps before versio...
EulerOS Virtualization for ARM 64 3.0.2.0 : ghostscript (EulerOS-SA-2020-1549)
According to the versions of the ghostscript package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In Artifex Ghostscript before 9.26, a carefully crafted PDF file can trigger an extremely long running computation...
FontForge: Multiple vulnerabilities
Background FontForge is a PostScript font editor and converter. Description Multiple vulnerabilities have been discovered in FontForge. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted font using FontForge,...
The vulnerability of the built-in PDF converter in the Ghostscript software, which is used for processing, transforming, and generating documents, allows a hacker to trigger a system failure.
The vulnerability of the embedded PDF converter in the Ghostscript software for document processing, conversion, and generation is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to trigger a service failure using a specially crafted PostScript...
The vulnerability of the `setdistillerkeys` command in the software for processing, transforming, and generating Ghostscript documents allows a perpetrator to trigger a service failure.
The vulnerability of the setdistillerkeys command in the software for processing, transforming, and generating Ghostscript documents is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow an attacker to trigger a service failure using a...
The vulnerability of the .tempfile component in the software suite for processing, transforming, and generating Ghostscript documents allows a perpetrator to circumvent the dSAFER protection mechanism, delete files, or gain unauthorized access to protected information.
The vulnerability of the .tempfile component in the software for processing, transforming, and generating Ghostscript documents is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to bypass the dSAFER protection, delete files, or gain unauthorized...
Moderate: Red Hat Security Advisory: fontforge security update
An update for fontforge is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Adobe Bridge PostScript put Command Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of the...
Adobe Bridge PostScript CharString Directory Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...
Adobe Bridge PostScript drop Command Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of the...
Adobe Bridge PostScript hsbw Command Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of the...
Adobe Bridge EPS BoundingBox Element Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the...
Adobe Bridge PostScript callothersubr Command Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of the...
Adobe Bridge PostScript File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...
Adobe Bridge PostScript callothersubr Command Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within processing of the...
Adobe Bridge PostScript blend Command Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of the...
Adobe Bridge PostScript load Command Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of the...
Adobe Bridge PostScript File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...
The vulnerability of the .charkeys procedure in the PostScript/PDF Ghostscript interpreter allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service interruptions.
The vulnerability of the .charkeys procedure in the PostScript/PDF Ghostscript interpreter is related to a security protection flaw that allows scripts to bypass the "-dSAFER" restriction. Exploiting this vulnerability can enable an attacker operating remotely to gain access to confidential data,...