5483 matches found
CVE-2010-4820
CVE-2010-4820 is an untrusted search path vulnerability in Ghostscript affecting the Ghostscript 8.x family. The issue arises because Ghostscript reads initialization files from the current working directory, allowing a local attacker to execute arbitrary PostScript commands by placing a Trojan h...
CVE-2010-4820
Untrusted search path vulnerability in Ghostscript 8.62 allows local users to execute arbitrary PostScript code via a Trojan horse Postscript library file in Encoding/ under the current working directory, a different vulnerability than CVE-2010-2055...
CVE-2010-4820
Untrusted search path vulnerability in Ghostscript 8.62 allows local users to execute arbitrary PostScript code via a Trojan horse Postscript library file in Encoding/ under the current working directory, a different vulnerability than CVE-2010-2055...
F5 Networks BIG-IP : icclib vulnerabilities (SOL9990)
Multiple integer overflow flaws which could lead to heap-based buffer overflows, as well as multiple insufficient input validation flaws, were found in Ghostscript's International Color Consortium Format library icclib. Using specially crafted ICC profiles, an attacker could create a malicious...
Samsung ml85p Printer Driver 1.0 Insecure Temporary File Creation Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/3008/info ml85p is a Linux driver for Samsung ML-85G series printers. It may be bundled with distributions of Ghostscript. ml85p does not check for symbolic links when creating image output files. These files are created ...
Samsung ml85p Printer Driver 1.0 Insecure Temporary File Creation Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/3008/info ml85p is a Linux driver for Samsung ML-85G series printers. It may be bundled with distributions of Ghostscript. ml85p does not check for symbolic links when creating image output files. These files are created ...
GhostScript PostScript File Stack Overflow Exploit
No description provided by source. Check Point Software Technologies - Vulnerability Discovery Team VDT Rodrigo Rubira Branco - rbranco noSPAM checkpoint.com GhostScript Stack Overflow bsd/x86/shellbindtcp - 214 bytes http://www.metasploit.com Encoder: x86/alphaupper AppendExit=false,...
Ghostscript 8.0.1/8.15 - zseticcspace() Function Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28017/info Ghostscript is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Successfully exploiting this issue may allow remote attackers to execute...
Ghostscript < 8.64 'gdevpdtb.c' Buffer Overflow Vulnerability
No description provided by source. Ghostscript is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it into a finite-sized buffer. Exploiting this issue allows remote attackers to overwrite a sensitive memory buffer with...
Ghostscript 'CCITTFax' Decoding Filter - Denial of Service Vulnerability
No description provided by source. Ghostscript is prone to a remote denial-of-service vulnerability because it fails to properly validate user-supplied input. Exploiting this issue allows remote attackers to crash the application and possibly to execute code, but this has not been confirmed...
openSUSE Security Update : ghostscript (openSUSE-SU-2012:1289-1)
The following security issue was fixed in ghostscript : Multiple integer underflows in the icmLutallocate function in International Color Consortium ICC Format library icclib, as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial of service crash...
openSUSE Security Update : ghostscript-devel (openSUSE-SU-2010:0451-1)
ghostscript by default read some initialization files from the current working directory. Local attackers could potentially exploit that to have other users execute arbitrary commands by placing such files e.g. in /tmp CVE-2010-2055. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
openSUSE Security Update : ghostscript-library (openSUSE-SU-2012:1290-1)
The following security issue was fixed in ghostscript : Multiple integer underflows in the icmLutallocate function in International Color Consortium ICC Format library icclib, as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial of service crash...
openSUSE Security Update : a2ps (openSUSE-SU-2014:0499-1)
a2ps was updated to fix a security issue : fixps called ghostscript without -dSAFER, enabling postscript files processed by fixps to execute code on the system. CVE-2014-0466 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
CVE-2014-1932
The 1 loaddjpeg function in JpegImagePlugin.py, 2 Ghostscript function in EpsImagePlugin.py, 3 load function in IptcImagePlugin.py, and 4 copy function in Image.py in Python Image Library PIL 1.1.7 and earlier and Pillow before 2.3.1 do not properly create temporary files, which allow local users...
Design/Logic Flaw
The 1 loaddjpeg function in JpegImagePlugin.py, 2 Ghostscript function in EpsImagePlugin.py, 3 load function in IptcImagePlugin.py, and 4 copy function in Image.py in Python Image Library PIL 1.1.7 and earlier and Pillow before 2.3.1 do not properly create temporary files, which allow local users...
libjpeg: information leak (read of uninitialized memory)
The getsos function in jdmarker.c in 1 libjpeg 6b and 2 libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan SOS JPEG markers,...
UBUNTU-CVE-2013-5653
The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted postscript file...
CVE-2013-5653
The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted postscript file...
libjpeg: information leak (read of uninitialized memory)
The getsos function in jdmarker.c in 1 libjpeg 6b and 2 libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan SOS JPEG markers,...