CVE-2016-7976

The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams...

Artifex Ghostscript 'gs_alloc_ref_array' function heap buffer overflow vulnerability

Artifex Ghostscript is an open source Postscript a page description language and programming language used in the electronics industry and desktop publishing parser from Artifex Software that displays Postscript files and prints them on non-Postscript printers. Postscript file. A security...

CVE-2017-9619

The xpstruecallbackglyphname function in xps/xpsttf.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service Segmentation Violation and application crash via a crafted file...

DEBIAN-CVE-2017-9619

The xpstruecallbackglyphname function in xps/xpsttf.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service Segmentation Violation and application crash via a crafted file...

CVE-2017-9739

The InsJMPR function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash or possibly have unspecified other impact via a crafted document...

Artifex Software MuPDF and Ghostscript Artifex jbig2dec Denial of Service Vulnerability

Artifex Software Ghostscript and MuPDF are both products of the United States Artifex Software. Artifex Ghostscript is an open source PostScript parser; MuPDF is a free, lightweight PDF reader. jbig2dec is an for Ghostscript and MuPDF in the decoding of PDF files in the JBIG2 stream implementatio...

DEBIAN-CVE-2016-7979

Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initializedscparser...

CVE-2016-7977

Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document...

CVE-2016-7979

Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initializedscparser...

SUSE-SU-2017:1322-1 Security update for ghostscript-library

This update for ghostscript fixes the following security vulnerability: CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were exploited in the wild. bsc1036453 This update is a reissue including the SUSE Linux Enterprise 11 SP3 product...

DEBIAN-CVE-2017-8291

Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile %pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017...

DEBIAN-CVE-2017-7975

Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because of an integer overflow in the jbig2buildhuffmantable function in jbig2huffman.c during operations on a crafted JBIG2 file, leading to a denial of service application crash or possibly execution of arbitrary code...

CVE-2016-8602

The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack...

Artifex Software Ghostscript Denial of Service Vulnerability

Ghostscript is a set of Adobe-based, PostScript and portable document format PDF page description language and compiled into the free software. A denial of service vulnerability exists in Artifex Software Ghostscript version 9.20 that could allow a remote attacker to cause a denial of service NUL...

CVE-2016-10317

The fillthreshholdbuffer function in base/gxhtthresh.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted PostScript document...

DEBIAN-CVE-2016-10317

The fillthreshholdbuffer function in base/gxhtthresh.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted PostScript document...

CVE-2016-10217

The pdf14open function in base/gdevp14.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service use-after-free and application crash via a crafted file that is mishandled in the color management module...

CVE-2016-10219

The intersect function in base/gxfill.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted file...

CVE-2016-10220

The gsmakewordimagedevice function in base/gsdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted file that is mishandled in the PDF Transparency module...

CVE-2013-5653

The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted postscript file...