MGASA-2017-0355 Updated ghostscript packages fix security vulnerabilities

The InsMIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash or possibly have unspecified other impact via a crafted document. CVE-2017-9611 The InsIP function in base/ttinterp.c...

Updated ghostscript packages fix security vulnerabilities

The InsMIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash or possibly have unspecified other impact via a crafted document. CVE-2017-9611 The InsIP function in base/ttinterp.c...

Debian DSA-3986-1 : ghostscript - security update

Several vulnerabilities were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may result in denial of service if a specially crafted Postscript file is processed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

[SECURITY] [DSA 3986-1] ghostscript security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3986-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 29, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3986-1] ghostscript security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3986-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 29, 2017 https://www.debian.org/security/faq -...

DSA-3986-1 ghostscript - security update

Bulletin has no description...

Debian: Security Advisory (DSA-3986-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS / 16.04 LTS : Ghostscript vulnerabilities (USN-3403-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3403-1 advisory. Kamil Frankowicz discovered that Ghostscript mishandles references. A remote attacker could use this to cause a denial of service...

USN-3403-1: Ghostscript vulnerabilities

Kamil Frankowicz discovered that Ghostscript mishandles references. A remote attacker could use this to cause a denial of service. CVE-2017-11714 Kim Gwan Yeong discovered that Ghostscript could allow a heap-based buffer over-read and application crash. A remote attacker could use a crafted...

USN-3403-1 ghostscript vulnerabilities

Kamil Frankowicz discovered that Ghostscript mishandles references. A remote attacker could use this to cause a denial of service. CVE-2017-11714 Kim Gwan Yeong discovered that Ghostscript could allow a heap-based buffer over-read and application crash. A remote attacker could use a crafted...

CentOS 7 : ghostscript (CESA-2017:2180)

An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

ghostscript security update

CentOS Errata and Security Advisory CESA-2017:2180 An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Scientific Linux Security Update : ghostscript on SL7.x x86_64 (20170802)

Security Fixes : - A NULL pointer dereference flaw was found in ghostscript's memgetbitsrectangle function. A specially crafted postscript document could cause a crash in the context of the gs process. CVE-2017-7207 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text is C...

GPL Ghostscript: Multiple vulnerabilities

Background Ghostscript is an interpreter for the PostScript language and for PDF. Description Multiple vulnerabilities have been discovered in GPL Ghostscript. Please review the CVE identifiers referenced below for additional information. Impact A context-dependent attacker could entice a user to...

GLSA-201708-06 : GPL Ghostscript: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201708-06 GPL Ghostscript: Multiple vulnerabilities Multiple vulnerabilities have been discovered in GPL Ghostscript. Please review the CVE identifiers referenced below for additional information. Impact : A context-dependent...

Oracle Linux 7 : ghostscript (ELSA-2017-2180)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-2180 advisory. - Security fix for CVE-2017-8291 updated to address SIGSEGV - Added security fix for CVE-2017-8291 bug 1446063 - Added security fix for CVE-2017-7207 bug 143435...

EulerOS 2.0 SP2 : ghostscript (EulerOS-SA-2017-1145)

According to the version of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The memgetbitsrectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service NULL pointer...

EulerOS 2.0 SP1 : ghostscript (EulerOS-SA-2017-1144)

According to the version of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The memgetbitsrectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service NULL pointer...

DEBIAN-CVE-2016-7976

The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams...

CVE-2016-7976

The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams...