VulnCheck KEV: CVE-2015-2545

Microsoft Office allows remote attackers to execute arbitrary code via a crafted EPS image...

PT-2015-1995

Name of the Vulnerable Software and Affected Versions Microsoft Office versions 2007 SP3 through 2013 RT SP1 Description A remote code execution issue exists due to insufficient input validation. Exploitation can allow a remote attacker to execute arbitrary code using a specially crafted EPS imag...

Amazon Linux: Security Advisory (ALAS-2012-127)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD : ghostscript -- denial of service (crash) via crafted Postscript files (fc1f6658-4f53-11e5-934b-002590263bf5)

MITRE reports : Integer overflow in the gsheapallocbytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service crash via a crafted Postscript ps file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or...

CVE-2015-3228

Integer overflow in the gsheapallocbytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service crash via a crafted Postscript ps file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or write...

CVE-2015-3228

Integer overflow in the gsheapallocbytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service crash via a crafted Postscript ps file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or write...

DEBIAN-CVE-2015-3228

Integer overflow in the gsheapallocbytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service crash via a crafted Postscript ps file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or write...

Integer overflow

Integer overflow in the gsheapallocbytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service crash via a crafted Postscript ps file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or write...

CVE-2015-3228

CVE-2015-3228 : Ghostscript 9.15 and earlier contains an integer overflow in gs_heap_alloc_bytes (base/gsmalloc.c) that can trigger an out-of-bounds read/write through a crafted PostScript file, as demonstrated via ps2pdf, causing denial of service (crash). Connected sources confirm the affected ...

CVE-2015-3228

Integer overflow in the gsheapallocbytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service crash via a crafted Postscript ps file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or write...

CVE-2015-3228

Integer overflow in the gsheapallocbytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service crash via a crafted Postscript ps file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or write...

MGASA-2015-0308 Updated ghostscript package fixes security vulnerability

GhostScript is vulnerable to an integer overflow when processing a crafted PostScript file using the ps2pdf command CVE-2015-3228...

ghostscript memory corruption

Memory corruption on Postscript file parsing...

One font vulnerability to rule them all #1: Introducing the BLEND vulnerability

Posted by Mateusz Jurczyk of Google Project Zero Last month, I presented parts of my PostScript font security research at the REcon security conference in Montreal, in a talk titled “One font vulnerability to rule them all: A story of cross-software ownage, shared codebases and advanced...

USN-2697-1: Ghostscript vulnerability

William Robinet and Stefan Cornelius discovered that Ghostscript did not correctly handle certain Postscript files. If a user or automated system were tricked into opening a specially crafted file, an attacker could cause a denial of service or possibly execute arbitrary code...

USN-2697-1 ghostscript vulnerability

William Robinet and Stefan Cornelius discovered that Ghostscript did not correctly handle certain Postscript files. If a user or automated system were tricked into opening a specially crafted file, an attacker could cause a denial of service or possibly execute arbitrary code...

UBUNTU-CVE-2015-3228

Integer overflow in the gsheapallocbytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service crash via a crafted Postscript ps file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or write...

CVE-2015-3228

Integer overflow in the gsheapallocbytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service crash via a crafted Postscript ps file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or write...

ghostscript -- denial of service (crash) via crafted Postscript files

MITRE reports: Integer overflow in the gsheapallocbytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service crash via a crafted Postscript ps file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or wri...

t1utils Buffer Overflow Vulnerability

t1utils is a library for manipulating PostScript Type 1 fonts. A buffer overflow vulnerability exists in t1utils that could be exploited by an attacker to execute arbitrary code or conduct a denial of service attack...