UBUNTU-CVE-2024-33871

An issue was discovered in Artifex Ghostscript before 10.03.1. contrib/opvp/gdevopvp.c allows arbitrary code execution via a custom Driver library, exploitable via a crafted PostScript document. This occurs because the Driver parameter for opvp and oprp devices can have an arbitrary name for a...

Artifex Ghostscript 安全漏洞

Artifex Ghostscript is a set of free software compiled by Artifex, Inc. based on Adobe, PostScript, and the Portable Document Format page description language. A security vulnerability exists in Artifex Ghostscript versions prior to 10.03.1, which stems from a security flaw in psi/zmisc1.c when...

The vulnerability of the software for processing, transforming, and generating documents using Ghostscript on the Red Hat Enterprise Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the software for processing, transforming, and generating documents using Ghostscript for the Red Hat Enterprise Linux operating system is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to cause a service failure...

SUSE CVE-2020-36773

Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c for txtwrite because a single character code in a PDF document can map to more than one Unicode code point e.g., for a ligature...

EulerOS 2.0 SP9 : ghostscript (EulerOS-SA-2023-3297)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because th...

The vulnerability of the `cljmedia_size` function in the `devices/gdevclj.c` component of the Ghostscript document processing software allows a perpetrator to access confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the cljmediasize function in the devices/gdevclj.c component of the Ghostscript document processing software lies in the handling of buffer overflows. Exploiting this vulnerability could allow an attacker to access confidential data, compromise its integrity, and even cause...

The vulnerability of the lp8000_print_page() function in the gdevlp8k.c component of the Ghostscript software processing suite allows a perpetrator to compromise data integrity and cause service failures.

The vulnerability of the lp8000printpage function in the gdevlp8k.c component of the Ghostscript software suite relates to the execution of operations outside the buffer memory. Exploiting this vulnerability could allow an attacker to compromise data integrity and also cause service failures...

MGASA-2023-0351 Updated ghostscript packages fix a security vulnerability

The updated packages fix a security vulnerability. An issue was discovered in the function gdevprnopenprinterseekable in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer. CVE-2023-46751...

Ubuntu 22.04 LTS / 23.04 / 23.10 : Ghostscript vulnerability (USN-6551-1)

The remote Ubuntu 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6551-1 advisory. It was discovered that Ghostscript incorrectly handled writing TIFF files. A remote attacker could possibly use this issue to cause Ghostscript to...

CVE-2023-46751

An issue was discovered in the function gdevprnopenprinterseekable in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer...

USN-6433-1 ghostscript vulnerability

It was discovered that Ghostscript incorrectly handled certain PDF documents. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to execute arbitrary code...

Important: ghostscript

Issue Overview: In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. NOTE: it is a documented risk that the IJS...

DEBIAN-CVE-2023-43115

In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. NOTE: it is a documented risk that the IJS server can be...

CVE-2020-21710

GhostScript is vulnerable to divide by zero issue in function epsprintpage in gdevepsn.c allows remote attacker to cause a denial of service via crafted PDF file...

Ghostscript 缓冲区错误漏洞

Artifex Software Ghostscript is an open source parser for Postscript a page description language and programming language used in the electronics industry and desktop publishing from Artifex Software, Inc. The product can display Postscript files and print Postscript files on non-Postscript...

USN-6297-1 ghostscript vulnerability

It was discovered that Ghostscript incorrectly handled outputting certain PDF files. A local attacker could potentially use this issue to cause a crash, resulting in a denial of service...

PT-2023-35891 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type known as Memcpy-param-overlap. The crash occurs in the following functions: pdfi copy truetype font, pdfi load font,...

PT-2023-35801 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow crash. Technical details about the crash include the crash type being a Stack-buffer-overflow WRITE 1. Th...

PT-2023-35759 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow crash, specifically a WRITE 4 operation. The crash occurs in the fn ElIn evaluate function, which is call...

Medium: ghostscript

Issue Overview: A NULL pointer dereference vulnerability was found in Ghostscript, which occurs when it tries to render a large number of bits in memory. When allocating a buffer device, it relies on an initdeviceprocs defined for the device that uses it as a prototype that depends upon the numbe...