5485 matches found
Ghostscript Remote Command Execution Vulnerability
Ghostscript is a program for displaying PostScript files or printing them to non-PostScript printers. A remote code execution vulnerability exists in Ghostscript. An attacker could use this vulnerability to execute arbitrary commands in an affected application...
Printer Exploitation Toolkit: PRET
Printer Exploitation Toolkit PRET is a new tool for printer security testing developed in the scope of a Master’s Thesis at Ruhr University Bochum. PRET connects to a device via network or USB and exploits the features of a given printer language. Currently PostScript , PJL and PCL are supported...
Ghostscript 9.20 Command Execution
Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/GHOSTSCRIPT-FILENAME-COMMAND-EXECUTION.txt + ISR: ApparitionSec + Vendor: =============== ghostscript.com Product: ================ Ghostscript 9.20 gs920w32.exe Windows 32...
Ghostscript 9.20 - Filename Command Execution
Ghostscript 9.20 - Filename Command Execution + + Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/GHOSTSCRIPT-FILENAME-COMMAND-EXECUTION.txt + ISR: ApparitionSec + Vendor: =============== ghostscript.com Product:...
Ghostscript 9.20 - Filename Command Execution Vulnerability
Exploit for windows platform in category local exploits + + Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/GHOSTSCRIPT-FILENAME-COMMAND-EXECUTION.txt + ISR: ApparitionSec + Vendor: =============== ghostscript.com Product:...
Ghostscript 9.20 - 'Filename' Command Execution
Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/GHOSTSCRIPT-FILENAME-COMMAND-EXECUTION.txt + ISR: ApparitionSec + Vendor: =============== ghostscript.com Product: ================ Ghostscript 9.20 gs920w32.exe Windows 32...
Fedora 24 : ghostscript (2017-5136456ce3)
This is a security update for these CVEs : - CVE-2016-9601 - Heap-buffer overflow in jbig2imagenew function This update also solves possible licensing issues with ghostscritpt's source code. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...
Fedora 25 : ghostscript (2017-15f85f1cf1)
This is a security update for these CVEs : - CVE-2016-9601 - Heap-buffer overflow in jbig2imagenew function This update also solves possible licensing issues with ghostscritpt's source code. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...
Fedora Update for ghostscript FEDORA-2017-5136456ce3
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 24 Update: ghostscript-9.20-6.fc24
Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures the Ghostscript library, which implements the graphics capabilities in the PostScript language and an interpreter for Portable Document Format PDF files. Ghostscript translates PostScript code into many...
[SECURITY] Fedora 25 Update: ghostscript-9.20-6.fc25
Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures the Ghostscript library, which implements the graphics capabilities in the PostScript language and an interpreter for Portable Document Format PDF files. Ghostscript translates PostScript code into many...
Fedora Update for ghostscript FEDORA-2017-15f85f1cf1
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux AMI : ghostscript (ALAS-2017-784)
It was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could read environment variable, list directory and retrie...
Ghostscript 'psi/zht2.c' Null Pointer Reference Remote Code Execution Vulnerability
PostScript PS is a page description language and programming language used in the electronics industry and desktop publishing.Artifex Software Ghostscript is an open-source PostScript parser from Artifex Software that displays Postscript files and prints Postscript files on non-PostScript printer...
Medium: ghostscript
Issue Overview: It was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could read environment variable, list...
Scientific Linux Security Update : ghostscript on SL7.x x86_64 (20170104)
Security Fixes : - It was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could read environment variable, list...
RedHat Update for ghostscript RHSA-2017:0014-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 6 : ghostscript (CESA-2017:0014)
An update for ghostscript is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
CentOS Update for ghostscript CESA-2017:0014 centos6
Check the version of ghostscript SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882623";...
OracleVM 3.3 / 3.4 : ghostscript (OVMSA-2017-0002)
The remote OracleVM system is missing necessary patches to address critical security updates : - Added security fixes for : - CVE-2013-5653 bug 1380327 - CVE-2016-7977 bug 1380415 - CVE-2016-7979 bug 1382305 - CVE-2016-8602 bug 1383940 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...