Artifex Software Ghostscript 'intersect' function denial of service vulnerability

Artifex Software Ghostscript is an open source PostScript parser from Artifex Software, which displays Postscript files and prints them on non-Postscript printers. A security vulnerability exists in the 'intersect' function of the base/gxfill.c file in Artifex Software Ghostscript version 9.20. A...

Artifex Software Ghostscript 'pdf14_open' Function Denial of Service Vulnerability

Artifex Software Ghostscript is an open source PostScript parser from Artifex Software, which displays Postscript files and prints them on non-Postscript printers. A security vulnerability exists in the 'pdf14open' function in the base/gdevp14.c file in Artifex Software Ghostscript version 9.20. ...

Artifex Software Ghostscript 'pdf14_pop_transparency_group' Function Denial of Service Vulnerability

Artifex Software Ghostscript is an open source PostScript parser from Artifex Software, which displays Postscript files and prints them on non-Postscript printers. Artifex Software Ghostscript 9.20 version of the PDF Transparency module of the base/gdevp14.c file 'pdf14poptransparencygroup'...

Artifex Software Ghostscript 'gs_makewordimagedevice' Function Denial of Service Vulnerability

Artifex Software Ghostscript is an open source PostScript parser from Artifex Software, which displays Postscript files and prints them on non-Postscript printers. A security vulnerability exists in the 'gsmakewordimagedevice' function in the base/gsdevmem.c file in Artifex Software Ghostscript...

PT-2018-1532 · Artifex +5 · Ghostscript +5

Name of the Vulnerable Software and Affected Versions: Artifex Ghostscript versions prior to 9.24 Description: The issue is related to a type confusion error in the LockDistillerParams parameter. Attackers who can provide manipulated PostScript files could exploit this to crash the interpreter or...

openSUSE Security Update : ghostscript (openSUSE-2018-157)

This update for ghostscript fixes several security issues : - CVE-2017-9835: The gsallocrefarray function allowed remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted PostScript document bsc1050879. ...

SUSE SLED12 / SLES12 Security Update : ghostscript (SUSE-SU-2018:0407-1)

This update for ghostscript fixes several issues. These security issues were fixed : - CVE-2017-9835: The gsallocrefarray function allowed remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted...

SUSE-SU-2018:0407-1 Security update for ghostscript

This update for ghostscript fixes several issues. These security issues were fixed: - CVE-2017-9835: The gsallocrefarray function allowed remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted PostScri...

Debian: Security Advisory (DLA-1048-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-932-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-942-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

mupdf/pdf_fuzzer: Use-of-uninitialized-value in pdf_lex

Project: git://git.ghostscript.com/mupdf.git Detailed report: https://oss-fuzz.com/testcase?key=5405217978843136 Project: mupdf Fuzzer: libFuzzermupdfpdffuzzer Fuzz target binary: pdffuzzer Job Type: libfuzzermsanmupdf Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash...

mupdf/pdf_fuzzer: Use-of-uninitialized-value in fz_adjust_ft_glyph_width

Project: git://git.ghostscript.com/mupdf.git Detailed report: https://oss-fuzz.com/testcase?key=5817553579409408 Project: mupdf Fuzzer: libFuzzermupdfpdffuzzer Fuzz target binary: pdffuzzer Job Type: libfuzzermsanmupdf Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash...

Debian: Security Advisory (DLA-905-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 27 : ghostscript / poppler-data (2017-c9b0c406b3)

Latest release of Ghostscript version 9.22 fixes several low-impact security issues, as it provides regular quality improvements & fixes as well. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted ...

MGASA-2017-0430 Updated ghostscript packages fix security vulnerabilities

Multiple use-after-free vulnerabilities in the gximageenumbegin function in base/gxipixel.c in Ghostscript before ecceafe3abba2714ef9b432035fe0739d9b1a283 allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PostScript...

Updated ghostscript packages fix security vulnerabilities

Multiple use-after-free vulnerabilities in the gximageenumbegin function in base/gxipixel.c in Ghostscript before ecceafe3abba2714ef9b432035fe0739d9b1a283 allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PostScript...

Fedora Update for ghostscript FEDORA-2017-c9b0c406b3

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[ASA-201711-28] jbig2dec: denial of service

Arch Linux Security Advisory ASA-201711-28 ========================================== Severity: Medium Date : 2017-11-22 CVE-ID : CVE-2017-9216 Package : jbig2dec Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-517 Summary ======= The package jbig2dec before versio...

[SECURITY] Fedora 27 Update: ghostscript-9.22-1.fc27

Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures the Ghostscript library, which implements the graphics capabilities in the PostScript language and an interpreter for Portable Document Format PDF files. Ghostscript translates PostScript code into many...