UBUNTU-CVE-2024-33870

An issue was discovered in Artifex Ghostscript before 10.03.1. There is path traversal via a crafted PostScript document to arbitrary files if the current directory is in the permitted paths. For example, there can be a transformation of ../../foo to ./../../foo and this will grant access if ./ i...

OpenPrinting CUPS/libppd Postscript Parsing Heap Overflow

...

PT-2024-4559 · Artifex +9 · Artifex Ghostscript +9

Name of the Vulnerable Software and Affected Versions: Artifex Ghostscript versions prior to 10.03.1 Description: The issue is related to errors in handling relative path to directory in the Ghostscript software, which can allow a remote attacker to execute arbitrary code using a specially crafte...

[SECURITY] Fedora 40 Update: fontforge-20230101-11.fc40

FontForge former PfaEdit is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1, some Type 3 and Type 0, TrueType, OpenType Type2 and CID-keyed fonts...

[SECURITY] Fedora 40 Update: xmlgraphics-commons-2.9-3.fc40

Apache XML Graphics Commons is a library that consists of several reusable components used by Apache Batik and Apache FOP. Many of these components can easily be used separately outside the domains of SVG and XSL-FO. You will find components such as a PDF library, an RTF library, Graphics2D...

BIT-MOODLE-2022-35649

The vulnerability was found in Moodle, occurs due to improper input validation when parsing PostScript code. An omitted execution parameter results in a remote code execution risk for sites running GhostScript versions older than 9.50. Successful exploitation of this vulnerability may result in...

openSUSE: Security Advisory for ghostscript (SUSE-SU-2023:3984-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-50735

A heap corruption vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code...

CVE-2023-50736

A memory corruption vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code...

Memory corruption

A memory corruption vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code...

Heap overflow

A heap corruption vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code...

CVE-2023-50736 A vulnerability has been identified in the PostScript interpreter in various Lexmark devices.

A memory corruption vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code...

CVE-2023-50736

CVE-2023-50736 affects Lexmark printers where the PostScript interpreter has a memory corruption vulnerability that can allow remote code execution. The issue is present in various Lexmark devices and can be triggered over a network; the impact is arbitrary code execution with high severity. Lexm...

CVE-2023-50735

Summary (CVE-2023-50735): A heap corruption vulnerability in the PostScript interpreter affects Lexmark devices. The issue can lead to arbitrary code execution and is described as exploitable remotely over a network with high impact on confidentiality, integrity, and availability (CVSS 3.1: 9.0)....

CVE-2023-50734

A buffer overflow vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code...

Buffer overflow

A buffer overflow vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code...

CVE-2023-50734 A vulnerability has been identified in the PostScript interpreter in various Lexmark devices.

A buffer overflow vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code...

CVE-2023-50734

CVE-2023-50734 affects Lexmark printers where a buffer overflow in the PostScript interpreter could allow a remote attacker to execute arbitrary code. The vulnerability is exploitable over the network with no user interaction, and the impact is consistent with a remote code execution on affected ...

CVE-2023-50734 A vulnerability has been identified in the PostScript interpreter in various Lexmark devices.

A buffer overflow vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code...

Lexmark Security Breach

Lexmark is a series of printers in the United States. A security vulnerability exists in Lexmark devices that stems from a buffer overflow vulnerability in the PostScript interpreter. An attacker could exploit the vulnerability to execute arbitrary code...