Arbitrary Code Execution

tetex is vulnerable to arbitrary code execution. The vulnerability exists through multiple integer overflow flaws were found in the way teTeX processed special commands when converting DVI files into PostScript. An attacker could create a malicious DVI file that would cause the dvips executable t...

Arbitrary Code Execution

cups is vulnerable to arbitrary code execution. An insufficient buffer bounds checking flaw was discovered in the HP-GL/2-to-PostScript "hpgltops" filter. An attacker could create a malicious HP-GL/2 file that could, possibly, execute arbitrary code as the "lp" user if the file was printed...

Arbitrary Code Execution

ghostscript is vulnerable to arbitrary code execution. A buffer overflow flaw and multiple missing boundary checks were found in Ghostscript. An attacker could create a specially-crafted PostScript or PDF file that could cause Ghostscript to crash or, potentially, execute arbitrary code when open...

Arbitrary Code Execution

ghostscript is vulnerable to arbitrary code execution. It was discovered that the Red Hat Security Advisory RHSA-2009:0345 did not address all possible integer overflow flaws in Ghostscript's International Color Consortium Format library icclib. Using specially-crafted ICC profiles, an attacker...

Arbitrary Code Execution

ghostscript is vulnerable to arbitrary code execution. A buffer overflow flaw and multiple missing boundary checks were found in Ghostscript. An attacker could create a specially-crafted PostScript or PDF file that could cause Ghostscript to crash or, potentially, execute arbitrary code when open...

Arbitrary Code Execution

ghostscript is vulnerable to arbitrary code execution. A buffer overflow flaw and multiple missing boundary checks were found in Ghostscript. An attacker could create a specially-crafted PostScript or PDF file that could cause Ghostscript to crash or, potentially, execute arbitrary code when open...

Arbitrary Code Execution

cups is vulnerable to arbitrary code execution. The vulnerability exists as two overflows were discovered in the HP-GL/2-to-PostScript filter. An attacker could create a malicious HP-GL/2 file that could possibly execute arbitrary code as the "lp" user if the file is printed...

okular security update

CentOS Errata and Security Advisory CESA-2020:1173 An update for okular is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

EulerOS Virtualization for ARM 64 3.0.6.0 : ghostscript (EulerOS-SA-2020-1348)

According to the versions of the ghostscript packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did n...

GPL Ghostscript: Multiple vulnerabilities

Background Ghostscript is an interpreter for the PostScript language and for PDF. Description Multiple vulnerabilities have been discovered in GPL Ghostscript. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to process a specially craft...

ImageMagick: heap-based buffer overflow in ReadPSInfo in coders/ps.c

ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c...

Moderate: Red Hat Security Advisory: okular security update

An update for okular is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Microsoft Windows Type 1 Font Parsing Remote Code Execution Vulnerability (ADV200006)

Two remote code execution vulnerabilities exist in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format. There are multiple ways an attacker could exploit the vulnerability, such as convincing a use...

Type 1 Font Parsing Remote Code Execution Vulnerability

Microsoft has become aware of limited targeted Windows 7 based attacks that could leverage un-patched vulnerabilities in the Adobe Type Manager Library, and is providing the following guidance to help reduce customer risk until the security update is released. We appreciate the efforts of our...

CVE-2020-8883

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.916. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

Adobe Photoshop EPS BoundingBox Element Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Photoshop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the...

EulerOS Virtualization for ARM 64 3.0.2.0 : cairo (EulerOS-SA-2020-1260)

According to the versions of the cairo packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Cairo is a 2D graphics library designed to provide high-quality display and print output. Currently supported output...

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2020-1240)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of Qualcomm IPS’s PostScript- and PDF-compliant software interpreters, caused by a full-integer overflow, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of Qualcomm IPS’s PostScript- and PDF-compliant software interpreters is due to a numerical overflow condition. Exploiting this vulnerability can allow an attacker operating remotely to compromise the confidentiality, integrity, and accessibility of the protected information...

EulerOS 2.0 SP5 : ghostscript (EulerOS-SA-2020-1100)

According to the version of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass -dSAFER...