11 matches found
The vulnerability of the software for processing, transforming, and generating documents using Ghostscript arises from the improper neutralization of special elements used in operating system commands. This allows an attacker to execute arbitrary code.
The vulnerability of the software for processing, transforming, and generating Ghostscript documents is related to the introduction of a specially created pipe command. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...
ROS-20240730-04
A vulnerability in the document processing, conversion and generation software suite Ghostscript is related to the introduction of a specially crafted pipe command. Exploitation of the vulnerability could Allow an attacker acting remotely to execute arbitrary code...
CentOS 9 : ghostscript-9.54.0-4.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ghostscript-9.54.0-4.el9 build changelog. - A trivial sandbox enabled with the -dSAFER option escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe...
SUSE CVE-2008-2933
Mozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '|' pipe characters in a command-line URI as requests to open multiple tabs, which allows remote attackers to access chrome:i URIs, or read arbitrary local files via manipulations involving a series of URIs that is not entirely...
SUSE CVE-2021-3781
A trivial sandbox enabled with the -dSAFER option escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highes...
CVE-2020-23584
Unauthenticated remote code execution in OPTILINK OP-XT71000N, Hardware Version: V2.2 occurs when the attacker passes arbitrary commands with IP-ADDRESS using " | " to execute commands on " /diagtracertadmin.asp " in the "PingTest" parameter that leads to command execution...
ALPINE-CVE-2021-3781
A trivial sandbox enabled with the -dSAFER option escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highes...
CVE-2021-3781
A trivial sandbox enabled with the -dSAFER option escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highes...
Artifex Ghostscript Code Execution Vulnerability (CNVD-2020-54493)
Artifex Ghostscript is an open source Postscript a page description language and programming language used in the electronics industry and desktop publishing parser from Artifex Software that displays Postscript files and prints them on non-Postscript printers. Postscript file. A security...
Ruby Gem Curl Command Execution
Curl Ruby Gem Remote command execution 3/12/2013 https://github.com/tg0/curl Specially crafted URLs can result in remote code execution: In ./lib/curl.rb the following lines: 131 cmd = "curl cookiesstore browsertype @setupparams ref "url" " 132 if @debug 133 puts cmd.red 134 end 135 result =...
DSA-1705-1 netatalk - arbitrary code execution
Bulletin has no description...