[SECURITY] Fedora 23 Update: ghostscript-9.20-2.fc23

Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures the Ghostscript library, which implements the graphics capabilities in the PostScript language and an interpreter for Portable Document Format PDF files. Ghostscript translates PostScript code into many...

[SECURITY] Fedora 24 Update: ghostscript-9.20-2.fc24

Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures the Ghostscript library, which implements the graphics capabilities in the PostScript language and an interpreter for Portable Document Format PDF files. Ghostscript translates PostScript code into many...

[SECURITY] Fedora 25 Update: ghostscript-9.20-2.fc25

Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures the Ghostscript library, which implements the graphics capabilities in the PostScript language and an interpreter for Portable Document Format PDF files. Ghostscript translates PostScript code into many...

CVE-2016-8602

It was found that ghostscript did not sufficiently check the validity of parameters given to the .sethalftone5 function. A specially crafted postscript document could cause a crash, or execute arbitrary code in the context of the gs process...

Debian DSA-3691-1 : ghostscript - security update

Several vulnerabilities were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may lead to the execution of arbitrary code or information disclosure if a specially crafted Postscript file is processed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text an...

[SECURITY] [DSA 3691-1] ghostscript security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3691-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 12, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3691-1] ghostscript security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3691-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 12, 2016 https://www.debian.org/security/faq -...

Debian Security Advisory DSA 3691-1 (ghostscript - security update)

Several vulnerabilities were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may lead to the execution of arbitrary code or information disclosure if a specially crafted Postscript file is processed. OpenVAS Vulnerability Test $Id: deb3691.nasl 6959 2017-08-18 07:24:59Z astei...

CVE-2016-8602

The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack...

SUSE SLED12 / SLES12 Security Update : ghostscript-library (SUSE-SU-2016:2492-1)

This update for ghostscript-library fixes the following issues : - Multiple security vulnerabilities have been discovered where ghostscript's '-dsafer' flag did not provide sufficient protection against unintended access to the file system. Thus, a machine that would process a specially crafted...

UBUNTU-CVE-2016-8602

The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack...

DSA-3691-1 ghostscript - security update

Bulletin has no description...

Debian: Security Advisory (DSA-3691-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2016-7977

It was found that ghostscript function .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could, in the context of the gs process, retrieve file content on the target machine...

CVE-2016-7977

Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document...

UBUNTU-CVE-2016-7977

Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document...

Microsoft Windows - Kernel ATMFD.dll NamedEscape 0x250C Pool Corruption (MS16-074)

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=785 The Adobe Type Manager Font Driver ATMFD.DLL responsible for handling PostScript and OpenType fonts in the Windows kernel provides a channel of communication with user-mode...

Microsoft Windows Kernel - ATMFD.dll NamedEscape 0x250C Pool Corruption (MS16-074)

Microsoft Windows Kernel - ATMFD.dll NamedEscape 0x250C Pool Corruption MS16-074 Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=785 The Adobe Type Manager Font Driver ATMFD.DLL responsible for handling PostScript and OpenType fonts in the Windows kernel provides a channel of...

Microsoft Windows Kernel - 'ATMFD.dll' NamedEscape 0x250C Pool Corruption (MS16-074)

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=785 The Adobe Type Manager Font Driver ATMFD.DLL responsible for handling PostScript and OpenType fonts in the Windows kernel provides a channel of communication with user-mode applications via an undocumented gdi32!NamedEscape API...

SRC-2016-0039 : Microsoft Windows PDF Library PostScript Calculator Out-of-Bounds Read Information Disclosure Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of the Microsoft Windows PDF Library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file...