5485 matches found
Artifex Software Ghostscript Heap Buffer Overflow Vulnerability
Artifex Software Ghostscript is an open source PostScript parser from Artifex Software, which displays Postscript files and prints them on non-Postscript printers. A security vulnerability exists in the 'fillthreshholdbuffer' function in the base/gxhtthresh.c file in Artifex Software Ghostscript...
CVE-2016-7977
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document...
CVE-2016-7979
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initializedscparser...
DEBIAN-CVE-2016-7979
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initializedscparser...
CVE-2016-7978
Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice...
DEBIAN-CVE-2016-7978
Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice...
CVE-2016-7978
Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice...
DEBIAN-CVE-2016-7977
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document...
CVE-2016-7979
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initializedscparser...
CVE-2016-7977
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document...
Design/Logic Flaw
Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice...
Type confusion
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initializedscparser...
Authentication flaw
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document...
CVE-2016-7978
GBGhostscript CVE-2016-7978 is a use-after-free caused by a reference leak in .setdevice, enabling remote code execution. The IBM PowerKVM bulletin confirms Ghostscript-related fixes and states PowerKVM 2.1/3.1 are affected, with remediation via updates: PowerKVM 3.1.0.2 update 5 or later (and 2....
CVE-2016-7978
Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice...
CVE-2016-7977
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document...
CVE-2016-7979
Ghostscript before 9.21 vulnerable to bypassing SAFER mode protection and executing arbitrary code via type confusion in .initialize_dsc_parser. This CVE (CVE-2016-7979) affects Ghostscript up to version prior to 9.21; exploitation would occur through crafted PostScript documents that trigger typ...
CVE-2016-7979
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initializedscparser...
CVE-2016-7979
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initializedscparser...
CVE-2016-7978
Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice...