PT-2023-36024 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow crash. Technical details about the crash include the crash type being a Stack-buffer-overflow WRITE 1. Th...

SUSE CVE-2009-0792

Multiple integer overflows in icc.c in the International Color Consortium ICC Format library aka icclib, as used in Ghostscript 8.64 and earlier and Argyll Color Management System CMS 1.0.3 and earlier, allow context-dependent attackers to cause a denial of service heap-based buffer overflow and...

SUSE CVE-2010-4054

The gstype2interpret function in Ghostscript allows remote attackers to cause a denial of service incorrect pointer dereference and application crash via crafted font data in a compressed data stream, aka bug 691043...

SUSE CVE-2016-10220

The gsmakewordimagedevice function in base/gsdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted file that is mishandled in the PDF Transparency module...

SUSE CVE-2017-5951

The memgetbitsrectangle function in base/gdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted file...

SUSE CVE-2018-15911

In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execute code...

SUSE CVE-2018-16509

An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction...

SUSE CVE-2018-16539

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable...

SUSE CVE-2018-16543

In Artifex Ghostscript before 9.24, gssetresolution and gsgetresolution allow attackers to have an unspecified impact...

SUSE CVE-2019-14811

A flaw was found in, ghostscript versions prior to 9.50, in the .pdfhookDSCCreator procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the fi...

SUSE CVE-2020-16301

A buffer overflow vulnerability in okiibmprintpage1 in devices/gdevokii.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51...

SUSE CVE-2020-16306

A null pointer dereference vulnerability in devices/gdevtsep.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51...

SUSE CVE-2020-16307

A null pointer dereference vulnerability in devices/vector/gdevtxtw.c and psi/zbfont.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51...

SUSE CVE-2020-16310

A division by zero vulnerability in dot24printpage in devices/gdevdm24.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51...

SUSE CVE-2020-17538

A buffer overflow vulnerability in GetNumSameData in contrib/lips4/gdevlips.c of Artifex Software GhostScript from v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51...

PT-2022-36796 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-use-after-free error, which occurs when the program attempts to access memory that has already been freed. The crash state...

PT-2022-36710 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Stack-use-after-return READ 4. The crash state involves several functions, including gs type2 interpre...

The vulnerability of the Ghostscript software for document processing lies in the fact that operations are performed outside the buffer in memory. This allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Ghostscript document processing software lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its integrity, and cause service failures...

PT-2022-37203 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a crash type identified as Global-buffer-overflow READ 8. The crash state involves several functions, including chunk obj alloc,...

PT-2022-37189 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-underflow read error. Technical details about the crash include the functions gs type2 interpret, copied type1 gly...