Astra Linux - уязвимость в ghostscript

A issue was discovered in Artifex Ghostscript prior to version 10.03.1. The file contrib/opvp/gdevopvp.c allows for arbitrary code execution through a custom Driver library, which can be exploited using a crafted PostScript document. This occurs because the Driver parameter for opvp and oprp...

MiracleLinux 9 : ghostscript-9.54.0-16.el9_4 (AXSA:2024-8422:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8422:02 advisory. ghostscript: OPVP device arbitrary code execution via custom Driver library CVE-2024-33871 Tenable has extracted the preceding description block directly fro...

OESA-2024-2454 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: Artifex Ghostscript before 10.03.0 sometimes has a stack-based buffer overflow via the CIDFSubstPath and...

ghostscript security update

9.25-5.0.1 - Fixes CVE-2024-33871 OPVP device arbitrary code execution via custom Driver library...

Important: Red Hat Security Advisory: ghostscript security update

An update for ghostscript is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update ...

ALPINE-CVE-2024-33871

An issue was discovered in Artifex Ghostscript before 10.03.1. contrib/opvp/gdevopvp.c allows arbitrary code execution via a custom Driver library, exploitable via a crafted PostScript document. This occurs because the Driver parameter for opvp and oprp devices can have an arbitrary name for a...

CVE-2024-33871

An issue was discovered in Artifex Ghostscript before 10.03.1. contrib/opvp/gdevopvp.c allows arbitrary code execution via a custom Driver library, exploitable via a crafted PostScript document. This occurs because the Driver parameter for opvp and oprp devices can have an arbitrary name for a...

Artifex Ghostscript Security Vulnerability

Artifex Ghostscript is a free software package from Artifex, Inc. based on Adobe, PostScript, and the Portable Document Format page description language. A security vulnerability exists in Artifex Ghostscript versions prior to 10.03.1, which allows execution of arbitrary code via a custom driver...

SUSE-SU-2024:2199-1 Security update for ghostscript

This update for ghostscript fixes the following issues: - CVE-2024-33871: Prevent OPVP device arbitrary code execution via custom Driver library. bsc1225491...

Important: Red Hat Security Advisory: ghostscript security update

An update for ghostscript is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

ghostscript security update

9.27-13 - CVE-2024-33871 ghostscript: OPVP device arbitrary code execution via custom Driver library...

ALSA-2024:4000 Important: ghostscript security update

The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fixes: ghostscript: OPVP device arbitrary code execution via custom Driver library...

ALSA-2024:3999 Important: ghostscript security update

The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fixes: ghostscript: OPVP device arbitrary code execution via custom Driver library...

ghostscript security update

9.54.0-16 - RHEL-39110 fix regression discovered in OPVP device 9.54.0-15 - RHEL-39110 CVE-2024-33871 ghostscript: OPVP device arbitrary code execution via custom Driver library...

PT-2010-2040 · Microsoft · Windows Vista +2

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Vista versions Gold, SP1, and SP2 Microsoft Windows Server 2008 versions Gold and SP2 Description: A remote code execution issue exists due to improper handling of local fragmentation of Encapsulating Security Payload ESP ov...