Updated ghostscript packages fix security vulnerabilities

Multiple use-after-free vulnerabilities in the gximageenumbegin function in base/gxipixel.c in Ghostscript before ecceafe3abba2714ef9b432035fe0739d9b1a283 allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PostScript...

ghostscript: NULL pointer dereference in mem_get_bits_rectangle()

A NULL pointer dereference flaw was found in ghostscript's memgetbitsrectangle function. A specially crafted postscript document could cause a crash in the context of the gs process...

DEBIAN-CVE-2017-11714

psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the scanner state structure, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PostScript document, related to an out-of-bounds read in the...

CVE-2017-11714

psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the scanner state structure, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PostScript document, related to an out-of-bounds read in the...

Artifex Ghostscript 'gs_alloc_ref_array' function heap buffer overflow vulnerability

Artifex Ghostscript is an open source Postscript a page description language and programming language used in the electronics industry and desktop publishing parser from Artifex Software that displays Postscript files and prints them on non-Postscript printers. Postscript file. A security...

DEBIAN-CVE-2017-8908

The marklinetr function in gxscanc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service out-of-bounds read via a crafted PostScript document...

Out-of-bounds

The marklinetr function in gxscanc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service out-of-bounds read via a crafted PostScript document...

CVE-2017-8908

The marklinetr function in gxscanc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service out-of-bounds read via a crafted PostScript document...

Artifex Ghostscript mark_curve Denial of Service Vulnerability

Ghostscript is a set of software based on Adobe Systems PostScript and Portable Document Format PDF page description language interpreter. The markcurve function in Artifex Ghostscript suffers from an integer overflow problem that allows a remote attacker to cause a denial of service out-of-bound...

UBUNTU-CVE-2017-8291

Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile %pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017...

Integer overflow

Integer overflow in the markcurve function in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service out-of-bounds write and application crash or possibly have unspecified other impact via a crafted PostScript document...

DEBIAN-CVE-2017-7948

Integer overflow in the markcurve function in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service out-of-bounds write and application crash or possibly have unspecified other impact via a crafted PostScript document...

Heap overflow

The fillthreshholdbuffer function in base/gxhtthresh.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted PostScript document...

CVE-2017-7207

The memgetbitsrectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted PostScript document...

DEBIAN-CVE-2017-7207

The memgetbitsrectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted PostScript document...

ALPINE-CVE-2017-7207

The memgetbitsrectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted PostScript document...

CVE-2017-7207

The memgetbitsrectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted PostScript document...

CVE-2013-5653

The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted postscript file...

CVE-2013-5653

The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted postscript file...

CVE-2017-6196

Multiple use-after-free vulnerabilities in the gximageenumbegin function in base/gxipixel.c in Ghostscript before ecceafe3abba2714ef9b432035fe0739d9b1a283 allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PostScript...