PT-2023-35792 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: A heap-use-after-free READ 2 crash type has been identified, involving functions such as gc trace, gs gc reclaim, and ireclaim. Recommendations: At the moment, there is no information...

SUSE-SU-2022:0088-2 Security update for ghostscript

This update for ghostscript fixes the following issues: - CVE-2021-45944: Fixed use-after-free in sampleddatasample bsc1194303 - CVE-2021-45949: Fixed heap-based buffer overflow in sampleddatafinish bsc1194304...

SUSE-SU-2022:0088-1 Security update for ghostscript

This update for ghostscript fixes the following issues: - CVE-2021-45944: Fixed use-after-free in sampleddatasample bsc1194303 - CVE-2021-45949: Fixed heap-based buffer overflow in sampleddatafinish bsc1194304...

USN-5224-2 ghostscript vulnerabilities

USN-5224-1 fixed several vulnerabilities in Ghostscript. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a...

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2019-1016)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OPENSUSE-SU-2019:2222-1 Security update for ghostscript

This update for ghostscript fixes the following issues: Security issues fixed: - CVE-2019-3835: Fixed an unauthorized file system access caused by an available superexec operator. bsc1129180 - CVE-2019-3839: Fixed an unauthorized file system access caused by available privileged operators...

Pulse Connect Secure Multiple Vulnerabilities (SA44101)

According to its self-reported version, the version of Pulse Connect Secure running on the remote host is affected by multiple vulnerabilities. - An arbitrary file read vulnerability exists in PCS. An unauthenticated, remote attacker can exploit this, via specially crafted URI, to read arbitrary...

SUSE-SU-2019:0144-2 Security update for ghostscript

This update for ghostscript to version 9.26a fixes the following issues: Security issue fixed: - CVE-2019-6116: subroutines within pseudo-operators must themselves be pseudo-operators bsc1122319...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Ghostscript vulnerabilities (USN-3915-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3915-1 advisory. It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into...

USN-3831-1: Ghostscript vulnerabilities

It was discovered that Ghostscript contained multiple security issues. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use these issues to access arbitrary files, execute arbitrary code, or cause a denial of service...

USN-3803-1 ghostscript vulnerabilities

Tavis Ormandy discovered multiple security issues in Ghostscript. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use these issues to access arbitrary files, execute arbitrary code, or cause a denial of service...

USN-3768-1 ghostscript vulnerabilities

Tavis Ormandy discovered multiple security issues in Ghostscript. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use these issues to access arbitrary files, execute arbitrary code, or cause a denial of service...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Ghostscript vulnerabilities (USN-3768-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3768-1 advisory. Tavis Ormandy discovered multiple security issues in Ghostscript. If a user or automated system were tricked into processing a...

Ghostscript - Multiple Vulnerabilities

http://seclists.org/oss-sec/2018/q3/142 These are critical and trivial remote code execution bugs in things like ImageMagick, Evince, GIMP, and most other PDF/PS tools. ---- Hello, this was discussed on the distros list, but it was suggested to move discussion to oss-security. You might recall I...

MGASA-2017-0430 Updated ghostscript packages fix security vulnerabilities

Multiple use-after-free vulnerabilities in the gximageenumbegin function in base/gxipixel.c in Ghostscript before ecceafe3abba2714ef9b432035fe0739d9b1a283 allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PostScript...

SUSE-SU-2017:1404-1 Security update for ghostscript

This update for ghostscript fixes the following security vulnerabilities: - CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were exploited in the wild. bsc1036453 - CVE-2016-9601: An integer overflow in the bundled jbig2dec library could have been misuse...

CVE-2009-5078

contrib/pdfmark/pdfroff.sh in GNU troff aka groff before 1.21 launches the Ghostscript program without the -dSAFER option, which allows remote attackers to create, overwrite, rename, or delete arbitrary files via a crafted document...

Ubuntu Update for ghostscript vulnerabilities USN-961-1

Ubuntu Update for Linux kernel vulnerabilities USN-961-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9611.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for ghostscript vulnerabilities USN-961-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

DTSA-198-1 ghostscript - integer overflows

Bulletin has no description...

[SA13933] Ghostscript Various Scripts Insecure Temporary File Creation

TITLE: Ghostscript Various Scripts Insecure Temporary File Creation SECUNIA ADVISORY ID: SA13933 VERIFY ADVISORY: http://secunia.com/advisories/13933/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system SOFTWARE: Ghostscript 8.x http://secunia.com/product/4550/ DESCRIPTION:...