Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2024-2829)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OESA-2024-2163 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in...

Medium: ghostscript

Issue Overview: Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in the function pdfbasefontalloc. CVE-2024-29508 Artifex Ghostscript before 10.03.1, when Tesseract is used for OCR, has a directory traversal issue that allows arbitra...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ghostscript (SUSE-SU-2024:2627-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2627-1 advisory. - CVE-2024-29508: Fixed heap pointer leak in pdfbasefontalloc bsc1227380 Tenable has extracted the...

SUSE-SU-2024:2627-1 Security update for ghostscript

This update for ghostscript fixes the following issues: - CVE-2024-29508: Fixed heap pointer leak in pdfbasefontalloc bsc1227380...

CVE-2024-29508

A flaw was found in Ghostscript. Thepdfbasefontalloc function used by the pdfwrite device will use a hexadecimal pointer representation for the constructed BaseFont name if the input name is empty. This flaw allows an attacker to obtain this pointer value by reading back to the output file after...

CVE-2024-29508

Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in the function pdfbasefontalloc...

CVE-2024-29508

Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in the function pdfbasefontalloc...

CVE-2024-29508

Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in the function pdfbasefontalloc...

CVE-2024-29508

CVE-2024-29508 affects Artifex Ghostscript prior to 10.03.0. The issue is a heap-based pointer disclosure observable in a constructed BaseFont name, in the function pdf_base_font_alloc. Documents consistently describe this Ghostscript vulnerability as enabling information leakage. The CVSSv3.1 ve...

CVE-2024-29508

Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in the function pdfbasefontalloc...

CVE-2024-29508

Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in the function pdfbasefontalloc...

Ghostscript gdevpdtb.c文件栈溢出漏洞

BUGTRAQ ID: 34340 Ghostscript是用于显示PostScript文件或向非PostScript打印机打印这些文件的程序。 Ghostscript的src/gdevpdtb.c文件中的pdfbasefontalloc函数没有正确地为字体分配缓冲区。如果用户受骗将特制的Postscript文件转换成PDF文件的话，就可以触发栈溢出，导致执行任意代码。 Ghostscript 8.x Ghostscript ----------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...