18 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-9601
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2decodegrayscaleimage function which is used...
SUSE: Security Advisory (SUSE-SU-2018:1140-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:1404-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:1138-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2020-1240)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2019-2586)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2019-2528)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES11 Security Update : ghostscript-library (SUSE-SU-2018:1140-1)
This update for ghostscript-library fixes several issues. These security issues were fixed : - CVE-2017-7207: The memgetbitsrectangle function allowed remote attackers to cause a denial of service NULL pointer dereference via a crafted PostScript document bsc1030263. - CVE-2016-9601: Prevent...
CVE-2016-9601
CVE-2016-9601 : Ghostscript before version 9.21 is vulnerable to a heap-based buffer overflow in the jbig2_decode_gray_scale_image function used for JBIG2 halftone decoding, potentially causing a segmentation fault when parsing a crafted PostScript/PDF with an embedded JBIG2 image, per multiple c...
SUSE SLED12 / SLES12 Security Update : ghostscript (SUSE-SU-2017:1404-1)
This update for ghostscript fixes the following security vulnerabilities : - CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were exploited in the wild. bsc1036453 - CVE-2016-9601: An integer overflow in the bundled jbig2dec library could have been misus...
Ubuntu 14.04 LTS / 16.04 LTS : jbig2dec vulnerabilities (USN-3297-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3297-1 advisory. Bingchang Liu discovered that jbig2dec incorrectly handled memory when decoding malformed image files. If a user or automated system were...
USN-3297-1: jbig2dec vulnerabilities
Bingchang Liu discovered that jbig2dec incorrectly handled memory when decoding malformed image files. If a user or automated system were tricked into processing a specially crafted JBIG2 image file, a remote attacker could cause jbig2dec to crash, resulting in a denial of service, or possibly...
openSUSE: Security Advisory for ghostscript (openSUSE-SU-2017:1203-1)
The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLED12 / SLES12 Security Update : ghostscript (SUSE-SU-2017:1138-1)
This update for ghostscript fixes the following security vulnerabilities : - CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were exploited in the wild. bsc1036453 - CVE-2016-9601: An integer overflow in the bundled jbig2dec library could have been misus...
[SECURITY] [DSA 3817-1] jbig2dec security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3817-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 24, 2017 https://www.debian.org/security/faq -...
Fedora 24 : ghostscript (2017-5136456ce3)
This is a security update for these CVEs : - CVE-2016-9601 - Heap-buffer overflow in jbig2imagenew function This update also solves possible licensing issues with ghostscritpt's source code. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...
Fedora 25 : ghostscript (2017-15f85f1cf1)
This is a security update for these CVEs : - CVE-2016-9601 - Heap-buffer overflow in jbig2imagenew function This update also solves possible licensing issues with ghostscritpt's source code. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...
CVE-2016-9601
ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2decodegrayscaleimage function which is used to decode halftone segments in a JBIG2 image. A document PostScript or PDF with an embedded, specially crafted, jbig2 image could trigge...