CVE-2017-8291

Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile %pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017...

CVE-2017-8291

Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a “/OutputFile %pipe%” substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017. Recent assessments: gwillcox-r7 at...

VulnCheck KEV: CVE-2017-8291

Artifex Ghostscript allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile...

Debian: Security Advisory (DSA-3838-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2017-8291

Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile %pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017...

Artifex Ghostscript mark_curve Denial of Service Vulnerability

Ghostscript is a set of software based on Adobe Systems PostScript and Portable Document Format PDF page description language interpreter. The markcurve function in Artifex Ghostscript suffers from an integer overflow problem that allows a remote attacker to cause a denial of service out-of-bound...

PT-2017-4163

Name of the Vulnerable Software and Affected Versions Artifex Ghostscript versions through 2017-04-26 Description The issue is related to a type confusion vulnerability in the .rsdparams operator, allowing remote command execution and bypass of the -dSAFER protection mechanism. This can be achiev...

UBUNTU-CVE-2017-8291

Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile %pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017...

CVE-2017-7948

Integer overflow in the markcurve function in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service out-of-bounds write and application crash or possibly have unspecified other impact via a crafted PostScript document...

Artifex Software Ghostscript Artifex jbig2dec 'jbig2_build_huffman_table' function integer overflow vulnerability

Artifex Software Ghostscript is a U.S. Artifex Software, Inc. of an open source PostScript parser , it can display Postscript files as well as non-Postscript printers to print Postscript files . Artifex jbig2dec is a Ghostscript and MuPDF for decoding PDF files in the JBIG2 stream implementation...

Debian DLA-905-1 : ghostscript security update

ghostscript is vulnerable to multiple issues that can lead to denial of service when processing untrusted content. CVE-2016-10219 Application crash with division by 0 in scan conversion code triggered through crafted content. CVE-2016-10220 Application crash with a segfault in gxdevicefinalize...

[SECURITY] [DLA 905-1] ghostscript security update

Package : ghostscript Version : 9.05dfsg-6.3+deb7u5 CVE ID : CVE-2016-10219 CVE-2016-10220 CVE-2017-5951 ghostscript is vulnerable to multiple issues that can lead to denial of service when processing untrusted content. CVE-2016-10219 Application crash with division by 0 in scan conversion code...

CVE-2017-7975

Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because of an integer overflow in the jbig2buildhuffmantable function in jbig2huffman.c during operations on a crafted JBIG2 file, leading to a denial of service application crash or possibly execution of arbitrary code...

DLA-905-1 ghostscript - security update

Bulletin has no description...

Fedora Update for ghostscript FEDORA-2017-9a13090378

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DEBIAN-CVE-2017-7975

Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because of an integer overflow in the jbig2buildhuffmantable function in jbig2huffman.c during operations on a crafted JBIG2 file, leading to a denial of service application crash or possibly execution of arbitrary code...

CVE-2017-7975

Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because of an integer overflow in the jbig2buildhuffmantable function in jbig2huffman.c during operations on a crafted JBIG2 file, leading to a denial of service application crash or possibly execution of arbitrary code...

Integer overflow

Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because of an integer overflow in the jbig2buildhuffmantable function in jbig2huffman.c during operations on a crafted JBIG2 file, leading to a denial of service application crash or possibly execution of arbitrary code...

CVE-2017-7975

Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because of an integer overflow in the jbig2buildhuffmantable function in jbig2huffman.c during operations on a crafted JBIG2 file, leading to a denial of service application crash or possibly execution of arbitrary code...

CVE-2017-7975

CVE-2017-7975 affects Artifex jbig2dec 0.13 (used in Ghostscript). The root cause is an integer overflow in jbig2_build_huffman_table within jbig2_huffman.c, causing out-of-bounds writes when processing crafted JBIG2 files. Impact per the sources includes denial of service (application crash) and...