CVE-2016-7977

Ghostscript before 9.21 could bypass SAFER mode using the .libfile operator in crafted PostScript, allowing reading arbitrary files. This CVE (CVE-2016-7977) affects Ghostscript up to version 9.20/9.21; remediation is to upgrade to Ghostscript 9.21 or newer where fixed. Related entries note simil...

CVE-2016-7977

Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document...

Artifex Ghostscript .rsdparams Operator Handling Type Confusion RCE

The version of Artifex Ghostscript installed on the remote Windows host is 9.21 or earlier. It is, therefore, affected by a type confusion error when handling the '.rsdparams' operator with a '/OutputFile %pipe%' substring. An unauthenticated, remote attacker can exploit this, via a specially...

Artifex Ghostscript Installed

Binary data ghostscriptdetect.nbin...

SUSE SLES11 Security Update : ghostscript-library (SUSE-SU-2017:1322-1)

This update for ghostscript fixes the following security vulnerability : - CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were exploited in the wild. bsc1036453 This update is a reissue including the SUSE Linux Enterprise 11 SP3 product. Note that Tenab...

CVE-2017-8908

The marklinetr function in gxscanc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service out-of-bounds read via a crafted PostScript document...

SUSE-SU-2017:1322-1 Security update for ghostscript-library

This update for ghostscript fixes the following security vulnerability: CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were exploited in the wild. bsc1036453 This update is a reissue including the SUSE Linux Enterprise 11 SP3 product...

Artifex Ghostscript Denial of Service Vulnerability

Artifex Ghostscript is an open source Postscript a page description language and programming language used in the electronics industry and desktop publishing parser from Artifex Software that displays Postscript files and prints them on non-Postscript printers. Postscript file. A security...

Ubuntu 14.04 LTS / 16.04 LTS : Ghostscript regression (USN-3272-2)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3272-2 advisory. USN-3272-1 fixed vulnerabilities in Ghostscript. This change introduced a regression when the DELAYBIND feature is used with the eqproc command. This...

Ubuntu: Security Advisory (USN-3272-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3272-2: Ghostscript regression

USN-3272-1 fixed vulnerabilities in Ghostscript. This change introduced a regression when the DELAYBIND feature is used with the eqproc command. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Ghostscript improperly handled...

USN-3272-2 ghostscript regression

USN-3272-1 fixed vulnerabilities in Ghostscript. This change introduced a regression when the DELAYBIND feature is used with the eqproc command. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Ghostscript improperly handled...

CentOS Update for ghostscript CESA-2017:1230 centos7

Check the version of ghostscript SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882715";...

Fedora 24 : ghostscript (2017-fae1506f94)

Security fixes release for these CVEs : - CVE-2016-10217 use-after-free and application crash - CVE-2016-10218 NULL pointer dereference and application crash - CVE-2016-10219 divide-by-zero error and application crash - CVE-2016-10220 NULL pointer dereference and application crash - CVE-2017-5951...

Debian DLA-942-1 : jbig2dec security update

CVE-2017-7885 Artifex jbig2dec 0.13 has a heap-based buffer over-read leading to denial of service application crash or disclosure of sensitive information from process memory, because of an integer overflow in the jbig2decodesymboldict function in jbig2symboldict.c in libjbig2dec.a during...

CentOS Update for ghostscript CESA-2017:1230 centos6

Check the version of ghostscript SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882716";...

CentOS 6 / 7 : ghostscript (CESA-2017:1230)

An update for ghostscript is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

OracleVM 3.3 / 3.4 : ghostscript (OVMSA-2017-0103)

The remote OracleVM system is missing necessary patches to address critical security updates : - Security fix for CVE-2017-8291 updated to address SIGSEGV - Added security fix for CVE-2017-8291 bug 1446063 - Fix for regression caused by previous CVE fixes bug 1410260 %NASLMINLEVEL 70300 C Tenable...

ghostscript security update

CentOS Errata and Security Advisory CESA-2017:1230 An update for ghostscript is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base...

[SECURITY] Fedora 24 Update: ghostscript-9.20-9.fc24

Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures the Ghostscript library, which implements the graphics capabilities in the PostScript language and an interpreter for Portable Document Format PDF files. Ghostscript translates PostScript code into many...