Exempi Denial of Service Vulnerability (CNVD-2018-06686)

Exempi is an open source implementation of XMP based on the Adobe XMP SDK. A security vulnerability exists in the 'PostScriptSupport::ConvertToDate' function in the XMPFiles/source/FormatSupport/PostScriptSupport.cpp file in versions of Exempi prior to 2.4.3. ' function has a security...

CVE-2017-18237

An issue was discovered in Exempi before 2.4.3. The PostScriptSupport::ConvertToDate function in XMPFiles/source/FormatSupport/PostScriptSupport.cpp allows remote attackers to cause a denial of service invalid pointer dereference and application crash via a crafted .ps file...

CVE-2017-18237

An issue was discovered in Exempi before 2.4.3. The PostScriptSupport::ConvertToDate function in XMPFiles/source/FormatSupport/PostScriptSupport.cpp allows remote attackers to cause a denial of service invalid pointer dereference and application crash via a crafted .ps file...

DEBIAN-CVE-2017-18237

An issue was discovered in Exempi before 2.4.3. The PostScriptSupport::ConvertToDate function in XMPFiles/source/FormatSupport/PostScriptSupport.cpp allows remote attackers to cause a denial of service invalid pointer dereference and application crash via a crafted .ps file...

CVE-2018-7729

An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScriptMetaHandler::ParsePSFile function in XMPFiles/source/FileHandlers/PostScriptHandler.cpp...

Exempi 'PostScript_MetaHandler::ParsePSFile()' function heap buffer overflow vulnerability

Exempi is an open source implementation of XMP based on the Adobe XMP SDK. A heap buffer overflow vulnerability exists in the 'PostScriptMetaHandler::ParsePSFile' function in the XMPFiles/source/FileHandlers/PostScriptHandler.cpp file in Exempi 2.4.4 and earlier. An attacker can exploit this...

CVE-2018-7729

An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScriptMetaHandler::ParsePSFile function in XMPFiles/source/FileHandlers/PostScriptHandler.cpp...

DEBIAN-CVE-2018-7729

An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScriptMetaHandler::ParsePSFile function in XMPFiles/source/FileHandlers/PostScriptHandler.cpp...

Stack overflow

An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScriptMetaHandler::ParsePSFile function in XMPFiles/source/FileHandlers/PostScriptHandler.cpp...

UBUNTU-CVE-2018-7729

An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScriptMetaHandler::ParsePSFile function in XMPFiles/source/FileHandlers/PostScriptHandler.cpp...

Updated ghostscript packages fix security vulnerability

The fillthreshholdbuffer function in base/gxhtthresh.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted PostScript document CVE-2016-10317...

PT-2018-1532 · Artifex +5 · Ghostscript +5

Name of the Vulnerable Software and Affected Versions: Artifex Ghostscript versions prior to 9.24 Description: The issue is related to a type confusion error in the LockDistillerParams parameter. Attackers who can provide manipulated PostScript files could exploit this to crash the interpreter or...

openSUSE Security Update : ghostscript (openSUSE-2018-157)

This update for ghostscript fixes several security issues : - CVE-2017-9835: The gsallocrefarray function allowed remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted PostScript document bsc1050879. ...

SUSE SLED12 / SLES12 Security Update : ghostscript (SUSE-SU-2018:0407-1)

This update for ghostscript fixes several issues. These security issues were fixed : - CVE-2017-9835: The gsallocrefarray function allowed remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted...

SRC-2019-0018 : Adobe Acrobat Pro DC Distiller PostScript File Parsing Type 1 Font FontInfo Type Confusion Remote Code Execution Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

SRC-2019-0019 : Adobe Acrobat Pro DC Distiller PostScript File Parsing dvips TeXDict Type Confusion Remote Code Execution Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

VulnCheck KEV: CVE-2013-4979

Buffer overflow in the gldll32.dll module in EPS Viewer 3.2 and earlier allows remote attackers to execute arbitrary code via a crafted EPS file...

[SECURITY] Fedora 26 Update: evince-3.24.2-2.fc26

Evince is simple multi-page document viewer. It can display and print Portable Document Format PDF, PostScript PS and Encapsulated PostScript EPS files. When supported by the document format, evince allows searching for text, copying text to the clipboard, hypertext navigation, table-of-contents...

UBUNTU-CVE-2017-17682

In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers to cause a denial of service CPU exhaustion via a crafted wpg image file that triggers a ReadWPGImage call...

[SECURITY] Fedora 27 Update: transfig-3.2.6a-1.fc27

The transfig utility creates a makefile which translates FIG created by xfig or PIC figures into a specified LaTeX graphics language for example, PostScriptTM. Transfig is used to create TeX documents which are portable i.e., they can be printed in a wide variety of environments. Install transfig...