24 matches found
PT-2025-38679
Name of the Vulnerable Software and Affected Versions: Artifex Ghostscript versions through 10.05.1 Description: Artifex Ghostscript through version 10.05.1 contains a stack-based buffer overflow in the pdfmark coerce dest function located in devices/vector/gdevpdfm.c. This occurs when processing...
GNU Troff contrib/pdfmark/pdfroff.sh backlink vulnerability
Groff GNU Troff is the latest open source implementation of Troff, a document preparation system that generates print and screen documents from the same input source for a variety of devices. A backlink vulnerability exists in contrib/pdfmark/pdfroff.sh in versions of GNU Troff prior to 1.21. The...
CVE-2009-5078
contrib/pdfmark/pdfroff.sh in GNU troff aka groff before 1.21 launches the Ghostscript program without the -dSAFER option, which allows remote attackers to create, overwrite, rename, or delete arbitrary files via a crafted document...
CVE-2009-5044
contrib/pdfmark/pdfroff.sh in GNU troff aka groff before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf.tmp temporary file...