CentOS 6 / 7 : ghostscript (CESA-2017:1230)

An update for ghostscript is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

ghostscript security update

CentOS Errata and Security Advisory CESA-2017:1230 An update for ghostscript is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base...

[SECURITY] Fedora 24 Update: ghostscript-9.20-9.fc24

Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures the Ghostscript library, which implements the graphics capabilities in the PostScript language and an interpreter for Portable Document Format PDF files. Ghostscript translates PostScript code into many...

RHEL 6 / 7 : ghostscript (RHSA-2017:1230)

An update for ghostscript is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Microsoft Office Remote Code Execution Vulnerability (CNVD-2017-06561)

Microsoft Office is an office software suite of products developed by the U.S. company Microsoft Microsoft. Commonly used components are Word, Excel, Access, Powerpoint, FrontPage and so on. A remote code execution vulnerability exists in Microsoft Office. An attacker can exploit this vulnerabili...

RedHat Update for ghostscript RHSA-2017:1230-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ghostscript: corruption of operand stack

It was found that ghostscript did not properly validate the parameters passed to the .rsdparams and .eqproc functions. During its execution, a specially crafted PostScript document could execute code in the context of the ghostscript process, bypassing the -dSAFER protection...

Important: Red Hat Security Advisory: ghostscript security update

An update for ghostscript is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVE-2017-8908

The marklinetr function in gxscanc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service out-of-bounds read via a crafted PostScript document...

Out-of-bounds

The marklinetr function in gxscanc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service out-of-bounds read via a crafted PostScript document...

DEBIAN-CVE-2017-8908

The marklinetr function in gxscanc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service out-of-bounds read via a crafted PostScript document...

CVE-2017-8908

The marklinetr function in gxscanc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service out-of-bounds read via a crafted PostScript document...

CVE-2017-8908

The marklinetr function in gxscanc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service out-of-bounds read via a crafted PostScript document...

CVE-2017-8908

The marklinetr function in gxscanc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service out-of-bounds read via a crafted PostScript document...

Encapsulated PostScript (EPS) の脆弱性を利用した攻撃に対処するために団結する

本記事は、MSRC Team のブログ “Coming together to address Encapsulated PostScript EPS attacks” 2017 年 5 月 9 日 米国時間公開 を翻...

Microsoft Office Multiple Remote Code Execution (CVE-2017-0261)

A remote code execution vulnerability exists in Encapsulated PostScript EPS of Microsoft Office. The vulnerability is due to the way that Microsoft Office does not properly handle objects in memory while parsing specially crafted Office files. A remote attacker can exploit this issue by enticing ...

Microsoft Office EPS Remote Code Execution (CVE-2017-0262)

A remote code execution vulnerability exists in Encapsulated PostScript EPS of Microsoft Office. The vulnerability is due to the way that Microsoft Office does not properly handle objects in memory while parsing specially crafted Office files. A remote attacker can exploit this issue by enticing ...

EPS Processing Zero-Days Exploited by Multiple Threat Actors

In 2015, FireEye published details about two attacks exploiting vulnerabilities in Encapsulated PostScript EPS of Microsoft Office. One was a zero-day and one was patched weeks before the attack launched. Recently, FireEye identified three new zero-day vulnerabilities in Microsoft Office products...

Coming together to address Encapsulated PostScript (EPS) attacks

Today’s security updates include three updates that exemplify how the security ecosystem can come together to help protect consumers and enterprises. We would like to thank FireEye and ESET for working with us. Customers that have the latest security updates installed are protected against the...

PT-2017-2152 · Microsoft · Office

Name of the Vulnerable Software and Affected Versions: Microsoft Office affected versions not specified Description: The issue is related to the improper handling of data in Microsoft Office, which can be exploited by a remote attacker to execute arbitrary code. The exploitation can occur when a...