DSA-981-1 bmv - integer overflow

Bulletin has no description...

Server side request forgery (ssrf)

Unspecified vulnerability in ESS/ Network Controller and MicroServer Web Server in Xerox WorkCentre Pro and Xerox WorkCentre running software 13.027.24.015 and 14.027.24.015 allows remote attackers to cause a denial of service via a crafted Postscript request...

CVE-2006-0826

Unspecified vulnerability in ESS/ Network Controller and MicroServer Web Server in Xerox WorkCentre Pro and Xerox WorkCentre running software 13.027.24.015 and 14.027.24.015 allows remote attackers to cause a denial of service via a crafted Postscript request...

CVE-2006-0826

Unspecified vulnerability in ESS/ Network Controller and MicroServer Web Server in Xerox WorkCentre Pro and Xerox WorkCentre running software 13.027.24.015 and 14.027.24.015 allows remote attackers to cause a denial of service via a crafted Postscript request...

[SECURITY] [DSA 945-1] New antiword packages fix insecure temporary file creation

-------------------------------------------------------------------------- Debian Security Advisory DSA 945-1 [email protected] http://www.debian.org/security/ Martin Schulze January 17th, 2006 http://www.debian.org/security/faq -...

AntiWord symbolic links problem

Word to Postscript document convertation insecure temporary file creation...

Ubuntu 4.10 / 5.04 : netpbm-free vulnerability (USN-164-1)

Max Vozeler discovered that the the 'pstopnm' conversion tool did not use the -dSAFER option when calling ghostscript. This option prohibits file operations and calling commands within PostScript code. This flaw could be exploited by an attacker to execute arbitrary code if he tricked an user or ...

USN-223-1: Inkscape vulnerability

Javier Fernández-Sanguino Peña discovered that Inkscape's ps2epsi.sh script, which converts PostScript files to Encapsulated PostScript format, creates a temporary file in an insecure way. A local attacker could exploit this with a symlink attack to create or overwrite arbitrary files with the...

CVE-2005-3278

Integer overflow in the openpsfile function in gsinterf.c for Jan Kybic BitMap Viewer BMV 1.2 allows local users to execute arbitrary code via a PostScript PS file containing a large number of pages value, which leads to a resultant buffer overflow...

CVE-2005-3278

Integer overflow in the openpsfile function in gsinterf.c for Jan Kybic BitMap Viewer BMV 1.2 allows local users to execute arbitrary code via a PostScript PS file containing a large number of pages value, which leads to a resultant buffer overflow...

bmv integer overflow

Integer overflow on PostScript PS files processing...

RHEL 3 : ghostscript (RHSA-2005:081)

Updated ghostscript packages that fix a PDF output issue and a temporary file security bug are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Ghostscript is a program for displaying PostScript files or printing them to non-PostScript...

Mandrake Linux Security Advisory : netpbm (MDKSA-2005:133)

Max Vozeler discovered that pstopnm, a part of the netpbm graphics utility suite, would call the GhostScript interpreter on untrusted PostScript files without using the -dSAFER option when converting a PostScript file into a PBM, PGM, or PNM file. This could result in the execution of arbitrary...

Debian DSA-792-1 : pstotext - missing input sanitising

Max Vozeler discovered that pstotext, a utility to extract text from PostScript and PDF files, did not execute ghostscript with the -dSAFER argument, which prevents potential malicious operations to happen. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package chec...

netpbm security update

CentOS Errata and Security Advisory CESA-2005:743-01 Updated netpbm packages that fix a security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The netpbm package contains a library of functions that support programs for...

X11, netpbm, vim security update

CentOS Errata and Security Advisory CESA-2005:745 Updated netpbm packages that fix a security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The netpbm package contains a library of functions that support programs for...

netpbm security update

CentOS Errata and Security Advisory CESA-2005:743 Updated netpbm packages that fix a security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The netpbm package contains a library of functions that support programs for...

security flaw

pstopnm in netpbm does not properly use the "-dSAFER" option when calling Ghostscript to convert a PostScript file into a 1 PBM, 2 PGM, or 3 PNM file, which allows external user-assisted attackers to execute arbitrary commands...

Low: Red Hat Security Advisory: netpbm security update

Updated netpbm packages that fix a security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The netpbm package contains a library of functions that support programs for handling various graphics file formats, including .pbm...

USN-164-1: netpbm vulnerability

Max Vozeler discovered that the the "pstopnm" conversion tool did not use the -dSAFER option when calling ghostscript. This option prohibits file operations and calling commands within PostScript code. This flaw could be exploited by an attacker to execute arbitrary code if he tricked an user or ...