Lucene search

2801 matches found

CNVD
added 2018/03/07 12:0 a.m. · 2 views

Exempi 'PostScript_MetaHandler::ParsePSFile()' function heap buffer overflow vulnerability

Exempi is an open source implementation of XMP based on the Adobe XMP SDK. A heap buffer overflow vulnerability exists in the 'PostScript_MetaHandler::ParsePSFile' function in the XMPFiles/source/FileHandlers/PostScriptHandler.cpp file in Exempi 2.4.4 and earlier. An attacker can exploit this...

CVSS 5.5 · AI score 7.1 · EPSS 0.01273
Exploits 1 · References 1

Prion
added 2018/03/06 6:29 p.m. · 16 views

Stack overflow

An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScript_MetaHandler::ParsePSFile function in XMPFiles/source/FileHandlers/PostScriptHandler.cpp...

CVSS 4.3 · AI score 5.6 · EPSS 0.01273
Exploits 1 · References 4 · Affected Software 2

NVD
added 2018/03/06 6:29 p.m. · 16 views

CVE-2018-7729

An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScript_MetaHandler::ParsePSFile function in XMPFiles/source/FileHandlers/PostScriptHandler.cpp...

CVSS 5.5 · AI score 5.5 · EPSS 0.01273
Exploits 1 · References 4

OSV
added 2018/03/06 6:29 p.m. · 2 views

DEBIAN-CVE-2018-7729

An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScript_MetaHandler::ParsePSFile function in XMPFiles/source/FileHandlers/PostScriptHandler.cpp...

CVSS 5.5 · AI score 6.6 · EPSS 0.01273
Exploits 1 · References 1

OSV
added 2018/03/06 12:0 a.m. · 1 views

UBUNTU-CVE-2018-7729

An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScript_MetaHandler::ParsePSFile function in XMPFiles/source/FileHandlers/PostScriptHandler.cpp...

CVSS 5.5 · AI score 6.6 · EPSS 0.01273
Exploits 1 · References 3

Mageia
added 2018/02/25 5:31 p.m. · 39 views

Updated ghostscript packages fix security vulnerability

The fill_threshhold_buffer function in base/gxht_thresh.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document (CVE-2016-10317)...

CVSS 7.8 · AI score 6 · EPSS 0.02282
Exploits 1 · References 2

Positive Technologies
added 2018/02/21 12:0 a.m. · 3 views

PT-2018-1532 · Artifex +5 · Ghostscript +5

Name of the Vulnerable Software and Affected Versions: Artifex Ghostscript versions prior to 9.24 Description: The issue is related to a type confusion error in the LockDistillerParams parameter. Attackers who can provide manipulated PostScript files could exploit this to crash the interpreter or...

CVSS 10 · AI score 6.8 · EPSS 0.96968
Exploits 33 · References 216

Tenable Nessus
added 2018/02/12 12:0 a.m. · 32 views

SUSE SLED12 / SLES12 Security Update : ghostscript (SUSE-SU-2018:0407-1)

This update for ghostscript fixes several issues. These security issues were fixed: - CVE-2017-9835: The gs_alloc_ref_array function allowed remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted...

CVSS 7.8 · AI score 6.9 · EPSS 0.03452
Exploits 7 · References 28

Tenable Nessus
added 2018/02/12 12:0 a.m. · 34 views

openSUSE Security Update : ghostscript (openSUSE-2018-157)

This update for ghostscript fixes several security issues: - CVE-2017-9835: The gs_alloc_ref_array function allowed remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document (bsc#1050879). ...

CVSS 7.8 · AI score 6.9 · EPSS 0.03452
Exploits 7 · References 18

Source Incite
added 2018/02/12 12:0 a.m. · 25 views

SRC-2019-0019 : Adobe Acrobat Pro DC Distiller PostScript File Parsing dvips TeXDict Type Confusion Remote Code Execution Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

CVSS 10 · AI score 9.6 · EPSS 0.04413
Exploits 1

Source Incite
added 2018/02/12 12:0 a.m. · 25 views

SRC-2019-0018 : Adobe Acrobat Pro DC Distiller PostScript File Parsing Type 1 Font FontInfo Type Confusion Remote Code Execution Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

CVSS 10 · AI score 9.6 · EPSS 0.04413
Exploits 1

VulnCheck KEV
added 2018/02/04 12:0 a.m. · 1 views

VulnCheck KEV: CVE-2013-4979

Buffer overflow in the gldll32.dll module in EPS Viewer 3.2 and earlier allows remote attackers to execute arbitrary code via a crafted EPS file...

CVSS 9.3 · AI score 6.2 · EPSS 0.05144
Exploits 2 · References 1

Fedora
added 2017/12/26 4:32 p.m. · 25 views

[SECURITY] Fedora 26 Update: evince-3.24.2-2.fc26

Evince is simple multi-page document viewer. It can display and print Portable Document Format (PDF), PostScript (PS) and Encapsulated PostScript (EPS) files. When supported by the document format, evince allows searching for text, copying text to the clipboard, hypertext navigation, table-of-contents...

CVSS 7.8 · AI score 7.6 · EPSS 0.01406
Exploits 0

OSV
added 2017/12/14 12:0 a.m. · 2 views

UBUNTU-CVE-2017-17682

In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted wpg image file that triggers a ReadWPGImage call...

CVSS 6.5 · AI score 6.7 · EPSS 0.02984
Exploits 1 · References 3

Fedora
added 2017/12/10 5:10 a.m. · 42 views

[SECURITY] Fedora 27 Update: transfig-3.2.6a-1.fc27

The transfig utility creates a makefile which translates FIG (created by xfig) or PIC figures into a specified LaTeX graphics language (for example, PostScript(TM)). Transfig is used to create TeX documents which are portable (i.e., they can be printed in a wide variety of environments). Install transfig...

CVSS 7.1 · AI score 1.2 · EPSS 0.0135
Exploits 0

Fedora
added 2017/12/09 10:28 p.m. · 36 views

[SECURITY] Fedora 26 Update: transfig-3.2.6a-1.fc26

The transfig utility creates a makefile which translates FIG (created by xfig) or PIC figures into a specified LaTeX graphics language (for example, PostScript(TM)). Transfig is used to create TeX documents which are portable (i.e., they can be printed in a wide variety of environments). Install transfig...

CVSS 7.1 · AI score 1.2 · EPSS 0.0135
Exploits 0

Mageia
added 2017/11/29 6:52 p.m. · 56 views

Updated ghostscript packages fix security vulnerabilities

Multiple use-after-free vulnerabilities in the gx_image_enum_begin function in base/gxipixel.c in Ghostscript before ecceafe3abba2714ef9b432035fe0739d9b1a283 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript...

CVSS 7.8 · AI score 6 · EPSS 0.03452
Exploits 7 · References 2

Fedora
added 2017/11/15 6:0 p.m. · 79 views

[SECURITY] Fedora 27 Update: ghostscript-9.22-1.fc27

Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. Ghostscript translates PostScript code into many...

CVSS 7.8 · AI score 1.5 · EPSS 0.03452
Exploits 10

CNVD
added 2017/11/09 12:0 a.m. · 2 views

sam2p integer overflow vulnerability (CNVD-2017-36354)

sam2p is a command-line utility that can convert many raster bitmap image formats such as GIF, JPG/JPEG and PNG to PostScript or PDF files. An integer overflow vulnerability exists in input-bmp.ci in the ReadImage function in sam2p version 0.49.4, for which there is currently no detailed...

CVSS 5.5 · AI score 7.2 · EPSS 0.00854
Exploits 0 · References 1

VulnCheck KEV
added 2017/11/01 12:0 a.m. · 1 views

VulnCheck KEV: CVE-2013-0808

Hangul Word Processor contains a buffer overflow vulnerability that can be exploited by an embedded EPS object contained in a malicious HWP document...

AI score 6.1
Exploits 0 · References 1