HP Multiple Products Buffer Overflow (CVE-2019-10627)

Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation. in PostScript and PDF printers that use IPS versions prior to 2019.2 in PostScript and PDF printers that use IPS...

CVE-2019-10627

Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation. in PostScript and PDF printers that use IPS versions prior to 2019.2 in PostScript and PDF printers that use IPS...

OESA-2024-2178 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: An issue was discovered in Artifex Ghostscript before 10.03.1. psi/zmisc1.c, when SAFER mode is used, allows eexec...

OESA-2023-1607 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal...

Mozilla: Malicious PDF can inject JavaScript into PDF Viewer

The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR 52.8 and Firefox 60...

Artifex Ghostscript PostScript Handling Buffer Overflow DoS

The version of Artifex Ghostscript installed on the remote Windows host is 9.22 or earlier. It is, therefore, affected by a denial of service vulnerability due to improperly handling PostScript data. A context-dependent attacker could cause a buffer overflow, potentially crashing the service. C...

RHEL 2.1 : kdebase (RHSA-2003:146)

This erratum provides updated KDE packages to resolve a vulnerability in the handling of PostScript and PDF files. KDE is a graphical desktop environment for the X Window System. KDE versions up to and including KDE 3.1.1 have a vulnerability caused by neglecting to use the -dSAFER option when...

Updated KDE packages available

New KDE 3.1.1a packages are available for Slackware 9.0 which fix a security problem with the handling of PS and PDF documents. Here are the details from the Slackware 9.0 ChangeLog: Thu Apr 17 15:32:15 PDT 2003 patches/packages/kde/: Upgraded to KDE 3.1.1a. Also included in this directory are a...