Fedora 26 : ghostscript (2017-628b627eac)

Security fix for CVE-2017-7207. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...

Fedora 26 : ghostscript (2017-a606d224a5)

Security fixes release for these CVEs : - CVE-2016-10217 use-after-free and application crash - CVE-2016-10218 NULL pointer dereference and application crash - CVE-2016-10219 divide-by-zero error and application crash - CVE-2016-10220 NULL pointer dereference and application crash - CVE-2017-5951...

Virtuozzo 6 : ghostscript / ghostscript-devel / ghostscript-doc / etc (VZLSA-2017-0014)

An update for ghostscript is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

Virtuozzo 7 : ghostscript / ghostscript-cups / ghostscript-devel / etc (VZLSA-2017-0013)

An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

Virtuozzo 6 : ghostscript / ghostscript-devel / ghostscript-doc / etc (VZLSA-2017-1230)

An update for ghostscript is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

EulerOS 2.0 SP2 : ghostscript (EulerOS-SA-2017-1101)

According to the version of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that ghostscript did not properly validate the parameters passed to the .rsdparams and .eqproc functions. During its execution, a...

EulerOS 2.0 SP1 : ghostscript (EulerOS-SA-2017-1100)

According to the version of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that ghostscript did not properly validate the parameters passed to the .rsdparams and .eqproc functions. During its execution, a...

Amazon Linux AMI : ghostscript (ALAS-2017-837)

It was found that ghostscript did not properly validate the parameters passed to the .rsdparams and .eqproc functions. During its execution, a specially crafted PostScript document could execute code in the context of the ghostscript process, bypassing the -dSAFER protection. CVE-2017-8291 C...

Important: ghostscript

Issue Overview: It was found that ghostscript did not properly validate the parameters passed to the .rsdparams and .eqproc functions. During its execution, a specially crafted PostScript document could execute code in the context of the ghostscript process, bypassing the -dSAFER protection...

PRET - Printer Exploitation Toolkit

PRET is a new tool for printer security testing developed in the scope of a Master's Thesis at Ruhr University Bochum. It connects to a device via network or USB and exploits the features of a given printer language. Currently PostScript, PJL and PCL are supported which are spoken by most laser...

Artifex Software MuPDF and Ghostscript Artifex jbig2dec Denial of Service Vulnerability

Artifex Software Ghostscript and MuPDF are both products of the United States Artifex Software. Artifex Ghostscript is an open source PostScript parser; MuPDF is a free, lightweight PDF reader. jbig2dec is an for Ghostscript and MuPDF in the decoding of PDF files in the JBIG2 stream implementatio...

SUSE SLED12 / SLES12 Security Update : ghostscript (SUSE-SU-2017:1404-1)

This update for ghostscript fixes the following security vulnerabilities : - CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were exploited in the wild. bsc1036453 - CVE-2016-9601: An integer overflow in the bundled jbig2dec library could have been misus...

SUSE-SU-2017:1404-1 Security update for ghostscript

This update for ghostscript fixes the following security vulnerabilities: - CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were exploited in the wild. bsc1036453 - CVE-2016-9601: An integer overflow in the bundled jbig2dec library could have been misuse...

Null pointer dereference

libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2huffmanget function in jbig2huffman.c. For example, the jbig2dec utility will crash segmentation fault when parsing an invalid file...

UBUNTU-CVE-2017-9216

libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2huffmanget function in jbig2huffman.c. For example, the jbig2dec utility will crash segmentation fault when parsing an invalid file...

CVE-2017-9216

libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2huffmanget function in jbig2huffman.c. For example, the jbig2dec utility will crash segmentation fault when parsing an invalid file...

CVE-2017-9216

libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2huffmanget function in jbig2huffman.c. For example, the jbig2dec utility will crash segmentation fault when parsing an invalid file...

CVE-2017-9216

libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2huffmanget function in jbig2huffman.c. For example, the jbig2dec utility will crash segmentation fault when parsing an invalid file...

CVE-2017-9216

CVE-2017-9216 affects libjbig2dec.a in Artifex jbig2dec 0.13 (as used by MuPDF and Ghostscript). The vulnerability is a NULL pointer dereference in the jbig2_huffman_get function of jbig2_huffman.c, which can cause a crash/segmentation fault when parsing an invalid/.jb2 file. Connected sources co...

CVE-2017-9216

libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2huffmanget function in jbig2huffman.c. For example, the jbig2dec utility will crash segmentation fault when parsing an invalid file...