CVE-2017-9618

CVE-2017-9618 affects Artifex Ghostscript GhostXPS 9.21. The vulnerability is in xps_load_sfnt_name (xps/xpsfont.c), where crafted XPS documents can cause a denial of service via a buffer overflow, crashing the application. The description in the connected records confirms the same function and i...

CVE-2017-9620

The xpsselectfontencoding function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash or possibly have unspecified other impact via a crafted document, related to the xpsencodefontcharimp...

CVE-2017-9835

The gsallocrefarray function in psi/ialloc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted PostScript document. This is related to a lack of an integer...

CVE-2017-9619

CVE-2017-9619 affects Artifex Ghostscript GhostXPS 9.21. The xps_true_callback_glyph_name function in xps/xpsttf.c can be triggered by a crafted file to cause a segmentation fault, resulting in remote denial of service/application crash. The provided documents explicitly state the impact as a DoS...

CVE-2017-9610

CVE-2017-9610 affects Artifex Ghostscript GhostXPS 9.21. The vulnerability is in xps_load_sfnt_name (xps/xpsfont.c) and can be triggered by a crafted document, leading to a heap-based buffer over-read that may crash the process or have unspecified impact. No exploit details or patched version are...

CVE-2017-9612

The InsIP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service use-after-free and application crash or possibly have unspecified other impact via a crafted document...

CVE-2017-9610

The xpsloadsfntname function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash or possibly have unspecified other impact via a crafted document...

CVE-2017-9740

The xpsdecodefontcharimp function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash or possibly have unspecified other impact via a crafted document...

CVE-2017-9612

CVE-2017-9612 : The vulnerability is in Artifex Ghostscript GhostXPS 9.21. The Ins_IP function in base/ttinterp.c can be triggered by a crafted document to cause a denial of service via a use-after-free, potentially crashing the application and causing a partial impact to integrity/availability a...

CVE-2017-9619

The xpstruecallbackglyphname function in xps/xpsttf.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service Segmentation Violation and application crash via a crafted file...

CVE-2017-9835

The CVE-2017-9835 entry refers to Ghostscript 9.21, where the gs_alloc_ref_array path in psi/ialloc.c can be abused via crafted PostScript due to a missing integer overflow check in base/gsalloc.c, causing a heap-based buffer overflow and application crash (remote/denial of service). The connecte...

CVE-2017-9611

The InsMIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash or possibly have unspecified other impact via a crafted document...

CVE-2017-9618

The xpsloadsfntname function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted document...

CVE-2017-9618

The xpsloadsfntname function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted document...

CVE-2017-9739

CVE-2017-9739: In Artifex Ghostscript GhostXPS 9.21, the Ins_JMPR function in base/ttinterp.c allows remote attackers to cause a denial of service via a crafted document, due to a heap-based buffer over-read. This is the concrete root cause and impact provided in connected documents; no further d...

CVE-2017-9726

CVE-2017-9726 affects Ghostscript GhostXPS 9.21. The Ins_MDRP function in base/ttinterp.c is vulnerable, allowing remote attackers to trigger a heap-based buffer over-read, causing an application crash and potentially other impact. Exploitation would involve a crafted document; CVSS v3.0 vector: ...

CVE-2017-9620

CVE-2017-9620 is linked to Artifex Ghostscript GhostXPS 9.21, with the flaw located in xps_select_font_encoding (xps/xpsfont.c) that can cause a heap-based buffer over-read leading to a crash or possible other impact via crafted documents. Connected documents confirm the vulnerability in Ghostscr...

CVE-2017-9727

The CVE-2017-9727 issue affects Artifex Ghostscript GhostXPS 9.21. The gx_ttfReader__Read function (base/gxttfb.c) is vulnerable, allowing remote attackers to trigger a denial of service via a crafted document through a heap-based buffer over-read, potentially causing an application crash. Connec...

CVE-2017-9740

CVE-2017-9740 affects Artifex Ghostscript GhostXPS 9.21. The xps_decode_font_char_imp function in xps/xpsfont.c can be triggered by a crafted document to cause a heap-based buffer over-read, resulting in a denial of service and potentially other impact. This vulnerability is documented across mul...

CVE-2017-9739

The InsJMPR function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash or possibly have unspecified other impact via a crafted document...