13 matches found
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2021-1193)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2019-2370)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2019-2586)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 26 : ghostscript (2017-a606d224a5)
Security fixes release for these CVEs : - CVE-2016-10217 use-after-free and application crash - CVE-2016-10218 NULL pointer dereference and application crash - CVE-2016-10219 divide-by-zero error and application crash - CVE-2016-10220 NULL pointer dereference and application crash - CVE-2017-5951...
Ubuntu: Security Advisory (USN-3272-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS / 16.04 LTS : Ghostscript regression (USN-3272-2)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3272-2 advisory. USN-3272-1 fixed vulnerabilities in Ghostscript. This change introduced a regression when the DELAYBIND feature is used with the eqproc command. This...
Fedora 24 : ghostscript (2017-fae1506f94)
Security fixes release for these CVEs : - CVE-2016-10217 use-after-free and application crash - CVE-2016-10218 NULL pointer dereference and application crash - CVE-2016-10219 divide-by-zero error and application crash - CVE-2016-10220 NULL pointer dereference and application crash - CVE-2017-5951...
Fedora 25 : ghostscript (2017-c85c0e5637)
Security fixes release for these CVEs : - CVE-2016-10217 use-after-free and application crash - CVE-2016-10218 NULL pointer dereference and application crash - CVE-2016-10219 divide-by-zero error and application crash - CVE-2016-10220 NULL pointer dereference and application crash - CVE-2017-5951...
Fedora Update for ghostscript FEDORA-2017-c85c0e5637
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-3272-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3272-1: Ghostscript vulnerabilities
It was discovered that Ghostscript improperly handled parameters to the rsdparams and eqproc commands. An attacker could use these to craft a malicious document that could disable -dSAFER protections, thereby allowing the execution of arbitrary code, or cause a denial of service application crash...
CVE-2016-10217
The pdf14open function in base/gdevp14.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service use-after-free and application crash via a crafted file that is mishandled in the color management module...
CVE-2016-10217
CVE-2016-10217 (Ghostscript 9.20): The pdf14_open function in base/gdevp14.c is vulnerable to a use-after-free via a crafted PostScript/PDF in the color management path, allowing remote denial of service (crash). The provided documents do not specify a vendor patch or remediation for this CVE. Mo...