Moderate: Red Hat Security Advisory: ghostscript security update

Updated ghostscript packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Slackware Advisory SSA:2009-181-01 ghostscript

The remote host is missing an update as announced via advisory SSA:2009-181-01. OpenVAS Vulnerability Test $Id: esoftslkssa200918101.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

Slackware Advisory SSA:2008-062-01 espgs/ghostscript

The remote host is missing an update as announced via advisory SSA:2008-062-01. OpenVAS Vulnerability Test $Id: esoftslkssa200806201.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

ghostscript security update

8.70-14:.1 - Added inputChan lower-bounds checking to icclib bug 854227, CVE-2012-4405...

Slackware: Security Advisory (SSA:2008-062-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Slackware: Security Advisory (SSA:2009-181-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2012-4875

Heap-based buffer overflow in gdevwpr2.c in Ghostscript 9.04, when processing the OutputFile device parameter, allows user-assisted remote attackers to execute arbitrary code via a long file name in a PostScript document. NOTE: as of 20120314, the developer was not able to reproduce the issue and...

Heap overflow

DISPUTED Heap-based buffer overflow in gdevwpr2.c in Ghostscript 9.04, when processing the OutputFile device parameter, allows user-assisted remote attackers to execute arbitrary code via a long file name in a PostScript document. NOTE: as of 20120314, the developer was not able to reproduce the...

CVE-2012-4875

Ghostscript 9.04 is affected by a heap-based buffer overflow in gdevwpr2.c when processing the OutputFile device parameter, enabling user-assisted remote attackers to execute arbitrary code via a long file name in a PostScript document. The issue is documented as a potential vulnerability with th...

CVE-2012-4875

Heap-based buffer overflow in gdevwpr2.c in Ghostscript 9.04, when processing the OutputFile device parameter, allows user-assisted remote attackers to execute arbitrary code via a long file name in a PostScript document. NOTE: as of 20120314, the developer was not able to reproduce the issue and...

CVE-2012-4875

Heap-based buffer overflow in gdevwpr2.c in Ghostscript 9.04, when processing the OutputFile device parameter, allows user-assisted remote attackers to execute arbitrary code via a long file name in a PostScript document. NOTE: as of 20120314, the developer was not able to reproduce the issue and...

PT-2012-5627 · Artifex · Ghostscript

Name of the Vulnerable Software and Affected Versions: Ghostscript version 9.04 Description: The issue is related to a heap-based buffer overflow in the gdevwpr2.c file of Ghostscript, specifically when processing the OutputFile device parameter. This allows user-assisted remote attackers to...

Mandrake Linux Security Advisory : ghostscript (MDKSA-2000:074)

The ghostscript package uses mktemp instead of mkstemp to create temporary files. It also uses improper LDRUNPATH values, which causes it to search for libraries in the current directory. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

Scientific Linux Security Update : ghostscript on SL3.x, SL4.x, SL5.x i386/x86_64

Chris Evans from the Google Security Team reported a stack-based buffer overflow flaw in Ghostscript's zseticcspace function. An attacker could create a malicious PostScript file that would cause Ghostscript to execute arbitrary code when opened. CVE-2008-0411 These updated packages also fix a bu...

Scientific Linux Security Update : ghostscript on SL3.x, SL4.x, SL5.x i386/x86_64

Multiple integer overflow flaws which could lead to heap-based buffer overflows, as well as multiple insufficient input validation flaws, were found in Ghostscript's International Color Consortium Format library icclib. Using specially crafted ICC profiles, an attacker could create a malicious...

Scientific Linux Security Update : ghostscript on SL5.x, SL6.x i386/x86_64 (20120202)

Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures the Ghostscript library, which implements the graphics capabilities in the PostScript language and an interpreter for Portable Document Format PDF files. An integer overflow flaw was found in...

Scientific Linux Security Update : ghostscript on SL3.x, SL4.x, SL5.x i386/x86_64

It was discovered that the Red Hat Security Advisory RHSA-2009:0345 did not address all possible integer overflow flaws in Ghostscript's International Color Consortium Format library icclib. Using specially crafted ICC profiles, an attacker could create a malicious PostScript or PDF file with...

Scientific Linux Security Update : ghostscript on SL4.x i386/x86_64 (20120202)

Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures the Ghostscript library, which implements the graphics capabilities in the PostScript language and an interpreter for Portable Document Format PDF files. Ghostscript included the current working directo...

CentOS Update for ghostscript CESA-2012:0095 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for ghostscript CESA-2012:0095 centos6

Check for the Version of ghostscript OpenVAS Vulnerability Test CentOS Update for ghostscript CESA-2012:0095 centos6 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...