Ubuntu: Security Advisory (USN-6213-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6213-1: Ghostscript vulnerability

It was discovered that Ghostscript incorrectly handled pipe devices. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to execute arbitrary code...

USN-6213-1 ghostscript vulnerability

It was discovered that Ghostscript incorrectly handled pipe devices. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to execute arbitrary code...

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : Ghostscript vulnerability (USN-6213-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by a vulnerability as referenced in the USN-6213-1 advisory. It was discovered that Ghostscript incorrectly handled pipe devices. If a user or automated system were tricked into opening a specially craft...

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2023-2331)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : ghostscript (EulerOS-SA-2023-2331)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript...

EulerOS 2.0 SP9 : ghostscript (EulerOS-SA-2023-2311)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript...

Debian: Security Advisory (DSA-5446-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-5446-1 : ghostscript - security update

The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5446 advisory. - Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix. CVE-2023-36664 Note tha...

[SECURITY] [DSA 5446-1] ghostscript security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5446-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 03, 2023 https://www.debian.org/security/faq -...

DSA-5446-1 ghostscript - security update

Bulletin has no description...

PT-2023-35890 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow READ 4 crash has been reported. The crash involves the following functions: default get outline, pdfi fapi get glyph, and get fapi...

Artifex Ghostscript < 10.01.2 Security Bypass

An authentication bypass vulnerability exists in Artifex Ghostscript prior to 10.01.2 due to mishandling permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix An unauthenticated, remote attacker can exploit this, to bypass authentication. Note that Nessus ha...

PT-2023-35891 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type known as Memcpy-param-overlap. The crash occurs in the following functions: pdfi copy truetype font, pdfi load font,...

The vulnerability of the software for processing, transforming, and generating documents using Ghostscript exists due to the lack of measures taken to eliminate the special elements used in the operating system command. This allows a perpetrator to execute arbitrary code.

The vulnerability of the software for processing, transforming, and generating Ghostscript documents exists because measures are not taken to eliminate the special elements used in the operating system command. Exploiting this vulnerability allows an attacker to execute arbitrary code by using th...

CVE-2023-36664

A vulnerability was found in Ghostscript. This flaw occurs due to a mishandled permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix...

SUSE CVE-2023-36664

Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix...

CVE-2023-36664

Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix...

ALPINE-CVE-2023-36664

Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix...

CVE-2023-36664

Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix...