Debian DLA-371-1 : foomatic-filters security update

Adam Chester discovered that there was an injection vulnerability in foomatic-filters which is used by printer spoolers to convert incoming PostScript data into the printer's native format. This could lead to the execution of arbitrary commands. The patch applied in DLA 365-1 prevented usage of...

DLA-371-1 foomatic-filters - security update

Bulletin has no description...

The EPS Awakens

On September 8, FireEye published details about an attack exploiting zero day vulnerabilities in Microsoft Office CVE-2015-2545 and Windows CVE-2015-2546. The attack was particularly notable because it leveraged PostScript to drive memory corruption in a way that had never been seen before. The...

Debian DLA-365-1 : foomatic-filters security update

It was discovered that there was an injection vulnerability in foomatic-filters which is used by printer spoolers to convert incoming PostScript data into the printer's native format. For Debian 6 Squeeze, this issue has been fixed in foomatic-filters version 4.0.5-6+squeeze2+deb6u11 NOTE: Tenabl...

DLA-365-1 foomatic-filters - security update

Bulletin has no description...

[SECURITY] Fedora 22 Update: potrace-1.13-2.fc22

Potrace is a utility for tracing a bitmap, which means, transforming a bitm ap into a smooth, scalable image. The input is a bitmap PBM, PGM, PPM, or BMP format, and the default output is an encapsulated PostScript file EPS. A typical use is to create EPS files from scanned data, such as company ...

[SECURITY] Fedora 23 Update: potrace-1.13-2.fc23

Potrace is a utility for tracing a bitmap, which means, transforming a bitm ap into a smooth, scalable image. The input is a bitmap PBM, PGM, PPM, or BMP format, and the default output is an encapsulated PostScript file EPS. A typical use is to create EPS files from scanned data, such as company ...

GNU a2ps Formatted String Denial of Service Vulnerability

GNU a2ps is a package developed by the GNU Project that supports the conversion of any type of file into a PostScript file. The GNU a2ps formatted-printing function fails to adequately filter user input that is used as a formatting descriptor, allowing an attacker to exploit the vulnerability to...

CVE-2004-1717

Multiple buffer overflows in the psscan function in ps.c for gv ghostview allow remote attackers to execute arbitrary code via a Postscript file with a long 1 BoundingBox, 2 comment, 3 Orientation, 4 PageOrder, or 5 Pages value...

Mageia: Security Advisory (MGASA-2015-0308)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the Microsoft Office software package, which allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft Office suite exists due to insufficient testing of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted EPS image...

Windows ATMFD.DLL CharString Stream Out-of-Bounds Reads

Source: https://code.google.com/p/google-security-research/issues/detail?id=382&can=1 We have encountered a number of Windows kernel crashes in the ATMFD.DLL OpenType driver while processing corrupted OTF font files, such as: --- DRIVERPAGEFAULTBEYONDENDOFALLOCATION d6 N bytes of memory was...

CVE-2014-9745

The parseencoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service infinite loop via a "broken number-with-base" in a Postscript stream, as demonstrated by 8garbage...

Code injection

The parseencoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service infinite loop via a "broken number-with-base" in a Postscript stream, as demonstrated by 8garbage...

DEBIAN-CVE-2014-9745

The parseencoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service infinite loop via a "broken number-with-base" in a Postscript stream, as demonstrated by 8garbage...

CVE-2014-9745

The parseencoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service infinite loop via a "broken number-with-base" in a Postscript stream, as demonstrated by 8garbage...

UBUNTU-CVE-2014-9745

The parseencoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service infinite loop via a "broken number-with-base" in a Postscript stream, as demonstrated by 8garbage...

CVE-2014-9745

The parseencoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service infinite loop via a "broken number-with-base" in a Postscript stream, as demonstrated by 8garbage...

CVE-2014-9745

CVE-2014-9745 affects FreeType: the parse_encoding path in type1/t1load.c (before 2.5.3) can be triggered by a crafted PostScript stream (e.g., 8#garbage) to cause a denial of service. Public docs consistently cite this as a DoS via broken number-with-base; affected versions are

CVE-2014-9745

The parseencoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service infinite loop via a "broken number-with-base" in a Postscript stream, as demonstrated by 8garbage...