68 matches found
MGASA-2019-0236 Updated ghostscript packages fix security vulnerability
Updated ghostscript packages fix security vulnerability: It was found that the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate...
Updated ghostscript packages fix security vulnerability
Updated ghostscript packages fix security vulnerability: It was found that the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate...
minidjvu denial of service vulnerability (CNVD-2017-25770)
minidjvu is a command-line utility for encoding and decoding single-page black-and-white DjVu files with the ability to compress multiple pages, taking advantage of similarities between pages. A denial of service vulnerability exists in the mdjvubitmapgetboundingbox function in base/4bitmap.c in...
SUSE SLES10 Security Update : Xen (SUSE-SU-2014:1691-1)
Xen has been updated to fix six security issues : - Guest effectable page reference leak in MMUMACHPHYSUPDATE handling CVE-2014-9030. - Insufficient bounding of 'REP MOVS' to MMIO emulated inside the hypervisor CVE-2014-8867. - Missing privilege level checks in x86 emulation of far branches...
Fedora 19 : xen-4.2.5-6.fc19 (2014-16017)
Excessive checking in compatibility mode hypercall argument translation, Insufficient bounding of 'REP MOVS' to MMIO emulated inside the hypervisor, fix segfaults and failures in xl migrate --debug Note that Tenable Network Security has extracted the preceding description block directly from the...
Insufficient bounding of "REP MOVS" to MMIO emulated inside the hypervisor
ISSUE DESCRIPTION Acceleration support for the "REP MOVS" instruction, when the first iteration accesses memory mapped I/O emulated internally in the hypervisor, incorrectly assumes that the whole range accessed is handled by the same hypervisor sub-component. IMPACT A buggy or malicious HVM gues...
GV PostScript Viewer Remote Buffer overflow Exploit (2)
No description provided by source. there are at least 4 other stack buffer overflows, and 2 heap overflows. the first exploit i wrote exploited the one in the GLSA, and this one exploits that hole and four other ones as well. all of these are in the psscan function located in the ps.c file: 'grep...
DEBIAN-CVE-2004-1717
Multiple buffer overflows in the psscan function in ps.c for gv ghostview allow remote attackers to execute arbitrary code via a Postscript file with a long 1 BoundingBox, 2 comment, 3 Orientation, 4 PageOrder, or 5 Pages value...