4 matches found
Important: ghostscript
Issue Overview: Fix confusion between bytes and shorts. Data is being copied from a string in multiple of shorts, rather than multiple of bytes, leading to both a read probably benign, given the memory manager and write buffer overflow. Info: https://bugs.ghostscript.com/showbug.cgi?id=708131...
Amazon Linux 2023 : ghostscript, ghostscript-gtk, ghostscript-tools-dvipdf (ALAS2023-2025-927)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-927 advisory. PDF interpreter - Guard against unsigned int overflow. A large Type 4 function definition can overflow the uint counter, causing the allocated buffer to be smaller than required. Info:...
Amazon Linux 2023 : ghostscript, ghostscript-gtk, ghostscript-tools-dvipdf (ALAS2023-2025-908)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-908 advisory. Potential integer and buffer overflow with DollarBlend during serializing a multiple master font for passing to Freetype. Fixed by changing a variable type from short to unsigned short and...
Important: ghostscript
Issue Overview: Potential integer and buffer overflow with DollarBlend during serializing a multiple master font for passing to Freetype. Fixed by changing a variable type from short to unsigned short and checking if a length variable exceeds permitted limit. Fixed in ghostpdl-10.05.0...