Arbitrary Code Execution

ghostscript is vulnerable to arbitrary code execution. A buffer overflow flaw and multiple missing boundary checks were found in Ghostscript. An attacker could create a specially-crafted PostScript or PDF file that could cause Ghostscript to crash or, potentially, execute arbitrary code when open...

Arbitrary Code Execution

ghostscript is vulnerable to arbitrary code execution. A buffer overflow flaw and multiple missing boundary checks were found in Ghostscript. An attacker could create a specially-crafted PostScript or PDF file that could cause Ghostscript to crash or, potentially, execute arbitrary code when open...

Arbitrary Code Execution

ghostscript is vulnerable to arbitrary code execution. A buffer overflow flaw and multiple missing boundary checks were found in Ghostscript. An attacker could create a specially-crafted PostScript or PDF file that could cause Ghostscript to crash or, potentially, execute arbitrary code when open...

Arbitrary Code Execution

cups is vulnerable to arbitrary code execution. The vulnerability exists as two overflows were discovered in the HP-GL/2-to-PostScript filter. An attacker could create a malicious HP-GL/2 file that could possibly execute arbitrary code as the "lp" user if the file is printed...

okular security update

CentOS Errata and Security Advisory CESA-2020:1173 An update for okular is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

EulerOS Virtualization for ARM 64 3.0.6.0 : ghostscript (EulerOS-SA-2020-1348)

According to the versions of the ghostscript packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did n...

GPL Ghostscript: Multiple vulnerabilities

Background Ghostscript is an interpreter for the PostScript language and for PDF. Description Multiple vulnerabilities have been discovered in GPL Ghostscript. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to process a specially craft...

ImageMagick: heap-based buffer overflow in ReadPSInfo in coders/ps.c

ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c...

Moderate: Red Hat Security Advisory: okular security update

An update for okular is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Microsoft Windows Type 1 Font Parsing Remote Code Execution Vulnerability (ADV200006)

Two remote code execution vulnerabilities exist in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format. There are multiple ways an attacker could exploit the vulnerability, such as convincing a use...

Type 1 Font Parsing Remote Code Execution Vulnerability

Microsoft has become aware of limited targeted Windows 7 based attacks that could leverage un-patched vulnerabilities in the Adobe Type Manager Library, and is providing the following guidance to help reduce customer risk until the security update is released. We appreciate the efforts of our...

CVE-2020-8883

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.916. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

Adobe Photoshop EPS BoundingBox Element Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Photoshop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the...

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2020-1240)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization for ARM 64 3.0.2.0 : cairo (EulerOS-SA-2020-1260)

According to the versions of the cairo packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Cairo is a 2D graphics library designed to provide high-quality display and print output. Currently supported output...

EulerOS 2.0 SP5 : ghostscript (EulerOS-SA-2020-1100)

According to the version of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass -dSAFER...

[SECURITY] Fedora 31 Update: fontforge-20190801-2.fc31

FontForge former PfaEdit is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1, some Type 3 and Type 0, TrueType, OpenType Type2 and CID-keyed fonts...

[SECURITY] Fedora 30 Update: transfig-3.2.7b-1.fc30

The transfig utility creates a makefile which translates FIG created by xfig or PIC figures into a specified LaTeX graphics language for example, PostScriptTM. Transfig is used to create TeX documents which are portable i.e., they can be printed in a wide variety of environments. Install transfig...

[SECURITY] Fedora 30 Update: xfig-3.2.7b-1.fc30

Xfig is an X Window System tool for creating basic vector graphics, including bezier curves, lines, rulers and more. The resulting graphics can be saved, printed on PostScript printers or converted to a variety of other formats e.g., X11 bitmaps, Encapsulated PostScript, LaTeX. You should install...

ghostscript: -dSAFER escape in .charkeys (701841)

A flaw was found in the .charkeys procedure, where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges within the Ghostscript and access...